Secure Webmin with Let’s Encrypt

In this article I am going to show you how to configure Webmin with Let’s Encrypt have a valid certificate installed used by Webmin so it will no longer display a Certificate error.

Let's Encrypt
Let’s Encrypt

By default Webmin uses a self-signed certificate which is not trusted and in order to get rid of the certificate error one needs a Certificate Authority signed certificate. Usually Certificates cost some money but with Let’s Encrypt one can use a free Let’s Encrypt Certificate and receive the benefits of a real certificate. The down side is that you will need to renew the certificate every 30 days or so. Let’s get started.

Installation and configuration of Webmin & Let’s Encrypt

I expect that you already have a running Ubuntu Server and Webmin installed. If not follow the links. Before we start lets update our installation.

sudo apt update
sudo apt upgrade
sudo apt dist-upgrade

Now that this is out of the way lets install Apache 2 which helps us with the Let’s Encrypt Certificate.

sudo apt install apache2 -y

Apache2 is now installed lets start it up and enable it for auto start during the boot up process with the following commands:

sudo systemctl start apache2
sudo systemctl enable apache2

and to be sure it is running execute the following command:

sudo systemctl status apache 2

Apache 2 system status

Perfect, apache2 is up and running. Next we need to login to Webmin and after successful login you should see the system information.

Webmin System Information

On this “System Information Screen” you should see the fully qualified domain name or FQDN right next to “System hostname“. On the left hand side click on the Webmin menu and click on Webmin Configuration. You should see something like the following:

Webmin Configuration

On the bottom row click on “SSL Encryption” and you see the following:

SSL Encryption

Now click on the Tab “Let’s Encrypt” and you see the following:

Let's Encrypt

On that screen there are a few things to check. First make sure the “Hostnames for certificate” matches your systems name as we have seen on the “System Information Screen” and secondly select the option “Other Directory” and enter the path /var/www/html if you are running on Ubuntu Server 20.04 LTS. The last option should be selected by default but it does not hurt to verify that:

  • Copy new key and certificate to Webmin: Yes
  • SSL Key Size: Default
  • Let’s Encrypt server: Real
  • Months between automatically renewal: 1

When done click on “Request Certificate” and if you don’t receive any error messages you are done. Log out of Webmin, closed that Tab and start a new one and enter your Webmin URL. You should get to the login screen without a Certificate Error.

Conclusion

Webmin is set up with using a Let’s Encrypt Certificate which is valid for 30 Days and should be renewed by Webmin each month. Let’s Encrypt is a free and fast way of securing your sites and Apps. If you have anything for me to add to this article please comment below and if you like for me to write about something use my Contact Form and let me know. Thank you 😉