Install Let’s Encrypt SSL Certificate for Domain with Virtualmin

Serve your website securely over https with free SSL certificate from Let's Encrypt

Virtualmin comes with options to manage SSL certificates for each of your domains. You can have commercial SSL certificates or free Let’s Encrypt certificates for each of your domains. This post will help you install Let’s Encrypt SSL certificate with Virtualmin.

Let’s Encrypt is a great way to obtain free SSL certificates for your domains. Certificates from letsencrypt are issued after a quick DNS verification. It’s done programmatically. Which means you need to configure your domain DNS to point to the server before requesting a SSL certificate from Let’s Encrypt.

Installing a commercial certificate is different from installing a Let’s Encrypt certificate. Follow my instructions to install NameCheap SSL certificate on Virtualmin if you’re looking for a commercial solution. But free SSL from Let’s Encrypt is sufficient for most webmasters.

I’m going to assume you already have Virtualmin installed on your VPS and have added your domain to Virtualmin. Or else this tutorial won’t work for you.

Install Let’s Encrypt SSL certificate with Virtualmin

Start by login to Virtualmin with root user account. And then select your domain name from the list on left sidebar. Domain will be already selected if you only have one domain. Now navigate to Server Configuration > Manage SSL Certificates from the left sidebar.
Virtualmin Manage SSL Certificates

As you can see from the above image, your domain is already assigned with a self-signed SSL certificate. But these certificates are not trusted by web browsers. That is why you saw a security warning when you first try to login to Virtualmin. But we’re going to fix that. Click Let’s Encrypt to switch to Let’s Encrypt settings. Here you can generate a free certificate for your domain or subdomain.
Virtualmin Letsencrypt

You can use Domains associated with this server option if you’re requesting a certificate for your root domain. You need to have both www and non-www versions of your domain pointing to your server to pass the verification. Or you can select Domain names listed here option and type the domain name in the text box to request certificate for single version of your domain.

You should use Domain names listed here option for your subdomains because Virtualmin try to request certificate for your subdomain with and without www with Domains associated with this server option. This will cause verification to fail.

Next, type 2.9 in the text box next to Months between automatic renewal. This will make sure your SSL certificate gets automatically renewed before 3 months. Let’s Encrypt SSL certificates are only valid for 3 months.

Now click Request Certificate to install Let’s Encrypt SSL certificate with Virtualmin. Assuming you have DNS setup properly, your certificate will be obtained from Let’s Encrypt and will be installed on your domain. You can now open https version of your website with your favorite browser to enjoy the shiny green padlock icon.

Copy Let’s Encrypt SSL Certificate to Virtualmin

Although your domain is configured with SSL now, Virtualmin isn’t. You’ll still get a security warning when accessing Virtualmin from port 10000. We can fix this by copying generated Let’s Encrypt SSL certificate file to Virtualmin. But remember, only do this if you’re accessing Virtualmin from the domain name SSL certificate was issued for. Or you’ll still get a security warning.

Go back to Server Configuration > Manage SSL Certificates and click Copy to Webmin. That’s it. Certificate will be applied to Virtualmin and port 10000 will also be protected with the new certificate. You might have to restart your browser to see the changes.

Tags
Show More

Tharindu

Hey!! I'm Tharindu. I'm from Sri Lanka. I'm a part time freelancer and this is my blog where I write about everything I think might be useful to readers. If you read a tutorial here and want to hire me, contact me here.

Related Articles

Leave a Reply

Your email address will not be published. Required fields are marked *

Close