No announcement yet.

Replace webmin self-signed certificate to avoid sec_error_invalid_key error

  • Filter
  • Time
  • Show
Clear All
new posts

    Replace webmin self-signed certificate to avoid sec_error_invalid_key error

    For those using Webmin and Firefox.

    Firefox does not support certificates with private keys smaller than 1024 bits.

    Click image for larger version  Name:	image_68418.jpg Views:	1 Size:	140.6 KB ID:	1212341

    You can replace your webmin certificate with a new one by running this command:

    1 - file=/etc/webmin/miniserv.pem
    2 - openssl req -x509 -newkey rsa:2048 -keyout $file  -out $file \ -days 3650 -nodes -subj \ "/C=US/ST=Denial/L=Springfield/O=Di /"
    3 - openssl x509 -x509toreq -in $file -signkey $file >> $file
    4 - /etc/init.d/webmin restart

    NOTE: change "/C=US/ST=Denial/L=Springfield/O=Dis/" to whatever.

    This command will create a 'pem' file with both the private key and self-signed certificate in the same file. -nodes will let you create the file without a passphrase. The -subj option saves you having to manually enter certificate details.

    Or you can do it by

    1 - setting ssl=0 in /etc/webmin/miniserv.conf
    2 - restarting webmin with "/etc/init.d/webmin restart"
    3 - then using the web interface to make the certificate change at
    4 - Webmin -> Webmin Configuration -> SSL Encryption -> Self Signed Certificate

    Click image for larger versionName:	SSL-1.jpgViews:	1Size:	43.9 KBID:	1247671

    On the following page just put your information on the page and hit the create now button on the bottom.

    Click image for larger version  Name:	image_71573.jpg Views:	1 Size:	36.2 KB ID:	1247672

    Note here have my default settings in Firefox to forget history when exiting Firefox.

    This option ghosted the save exceptions option for certs.

    To make it un-ghosted temporarily set Firefox to remember history.

    Confirm and save the exception.

    Then change your option to save history and turn it off.

    Restart Firefox and you should be good to go. IE: it will go to the Webmin login prompt.
    Last edited by Pete; September 16, 2018, 11:53 AM.
    - Pete

    Auto mator
    Homeseer 3 Pro - (Linux) - Ubuntu 18.04/W7e 64 bit Intel Haswell CPU 16Gb- Mono 6.12.X
    Homeseer Zee2 (Lite) - (Linux) - Ubuntu 18.04/W7e - CherryTrail x5-Z8350 BeeLink 4Gb BT3 Pro - Mono 6.12.X
    HS4 Pro - V4.1.7.0 - Ubuntu 18.04/VB W7e 64 bit Intel Kaby Lake CPU - 32Gb - Mono 6.12.x
    HS4 Lite -

    X10, UPB, Zigbee, ZWave and Wifi MQTT automation. OmniPro 2, Russound zoned audio, Smartthings hub, Hubitat Hub, and Home Assistant