Moving SSL certificate with Nginx

[iliajie]

Hey Jamie!

Moving SSL certificate to the new location seems to work just fine with Apache. To be clear I mean this page:

However, when used with Nginx things are getting really broken:

It gets broken to the level that Webmin stops working, e.g.:

miniserv.conf in this case gets new records, like:

-certfile=/etc/webmin/host.ubuntu24-gpl.virtualmin.dev.cert
+certfile=/etc/webmin/ubuntu24-gpl.virtualmin.dev.cert
-keyfile=/etc/webmin/host.ubuntu24-gpl.virtualmin.dev.key
+keyfile=/etc/webmin/ubuntu24-gpl.virtualmin.dev.key

.. but those new files simply don't exist!

root@ubuntu24-gpl:/etc# ls -lsa /etc/webmin/ubuntu24-gpl.virtualmin.dev.key
ls: cannot access '/etc/webmin/ubuntu24-gpl.virtualmin.dev.key': No such file or directory
root@ubuntu24-gpl:/etc# ls -lsa /etc/webmin/ubuntu24-gpl.virtualmin.dev.cert
ls: cannot access '/etc/webmin/ubuntu24-gpl.virtualmin.dev.cert': No such file or directory

[jcameron]

Yikes! That's clearly a bug ... I will look into it

[iliajie]

Thanks!

[jcameron]

What about the SSL cert files in the domain's home directory - did those get renamed?

[iliajie]

If I remember correctly it did rename those!

Even though fixing the source of the bug is priority, yet I think we should probably eval that code, so it breaks for particular step in particular rather than causing the general issue.

[jcameron]

Ok, the patch I just attached to this ticket should fix it..

[iliajie]

I will test it and let you know if it works!

[iliajie]

I have tested it but sadly it doesn't fix the original issue:

[jcameron]

If you check the domain's config file under /etc/webmin/virtual-server/domains, are the ssl_cert and ssl_key lines correct?

[iliajie]

If you check the domain's config file under /etc/webmin/virtual-server/domains, are the ssl_cert and ssl_key lines correct?

No, domain config file not even touched.

[jcameron]

I'm so sorry .. try the further patch I just attached to this ticket.

[iliajie]

Thanks! That seems to be finished up properly now!

However, there is still a problem because the paths for shared SSL certificates weren't updated. Please look at this screenshot:

To be clear, I was moving a domain's SSL certificates to /home/domain. While all the domain's records were updated correctly, the shared SSL certificates weren't:

[jcameron]

Ah yes .... looking into the cause of that now.