Home Encryption How to install Webmin with Let’s Encrypt SSL on Ubuntu 18.04 LTS

How to install Webmin with Let’s Encrypt SSL on Ubuntu 18.04 LTS

by James Kiarie
Published: Updated:
install webmin lets encrypt ubuntu

Webmin is a popular web-based platform used to manage servers in an easy and friendly manner. If you are not apt at working on the terminal, then Webmin provides a better option for system administration tasks through a Graphical User Interface.

With Webmin, you can, among other tasks:

  1. Create New users
  2. Install / Update software packages
  3. Remove unwanted software packages
  4. Monitor CPU, RAM and Hard Disk space utilization
  5. Automate tasks through cron jobs
  6. Setup Firewall rules

And so much more!

In this guide, we will show you how to install Webmin on Ubuntu 18.04 LTS.

Installing Webmin along Let’s Encrypt SSL on Ubuntu 18.04

Prerequisites

  1. Ubuntu server 18.04 instance
  2. Fully Qualified Domain Name with A record pointing to the IP address of your server. This guide uses linuxtechwhiz.info pointing to IP 38.76.11.174
  3. ssh access to the server

Without much further ado, let’s dive in!

Step 1 – Installing Webmin

To begin with, we have to add Webmin’s repository so that we can install and manage Webmin using the apt package manager.

First, let’s update our system repositories

$ sudo apt update

Next, let’s  install the prerequisite packages

$ sudo apt install python apt-show-versions libapt-pkg-perl libauthen-pam-perl 
libio-pty-perl libnet-ssleay-perl

Sample output

install webmin required packages

Required packages

Thereafter, download the Webmin deb package

$ cd /tmp && curl -L -O http://www.webmin.com/download/deb/webmin-current.deb

Output

install Webmin download repositories

Download repositories

Now install Webmin using the command below

$ sudo dpkg -i webmin-current.deb
install Webmin on Ubuntu 18.04 LTS

install Webmin on Ubuntu 18.04 LTS

Output

Step 2 – Accessing Webmin

Now that we have successfully installed Webmin, we are going to allow port 10000 in the firewall. This is the port which we are going to access Webmin’s interface.

To add port 10000 in ufw firewall execute

$ sudo ufw allow 10000/tcp

Output

sudo ufw allow 10000

sudo ufw allow 10000

To verify that port 10000 is open, run the following command

$ sudo ufw status

Output

check ufw status

check ufw status

With the port allowed in the firewall head over to your browser, and enter your domain with the suffix :10000 at the end of the URL

Syntax

https://domain_name:10000

In our case, we shall go to

https://linuxtechwhiz.info:10000
webmin login connection is not private

webmin login connection is not private

The URL bar indicates that the site is not encrypted and is therefore not recommended to proceed. Don’t worry, this is because Webmin does not yet have an SSL certificate, which we shall be installing in the next steps.

To proceed to the main dashboard, click on the “Advanced”  tab and click on proceed to the URL address

webmin url not secure

webmin url not secure

You will be presented with a login screen as shown. Enter the correct user details and click on ‘Sign in’

webmin login page

webmin login page

The dashboard below will appear

Step 3 – Set up the document root directory

Next, we are going to configure Nginx server block. By default, Nginx has only one server block which is configured to server documents from /var/www/html directory

We are now going to set up a root directory for our site.

Syntax

$ sudo mkdir -p /var/www/example.com/html

In this case, we shall have

$ sudo mkdir -p /var/www/linuxtechwhiz.info/html

With our directory in place, we are going to reassign ownership to our regular user account

$  sudo chown -R $USER:$USER /var/www/linuxtechwhiz.info/html

Modify permissions

$ sudo chmod -R 755 /var/www

Step 4 – Configure Nginx server block

Nginx contains one server block called default, which we can use as a template for our own configurations. We are going to create our domain’s server block and later copy the default server to it and make some modifications.

As indicated above, we shall create our first server block config file by copying over the default file:

$ sudo cp /etc/nginx/sites-available/default 
/etc/nginx/sites-available/linuxtechwhiz.info

We are then going to open the file using a text editor and make a few modifications

$ sudo vim /etc/nginx/sites-available/linuxtechwhiz.info

Ignoring the commented lines, the configuration should resemble the one below

server {
listen 80 default_server;
listen [::]:80 default_server;

root /var/www/html;
index index.html index.htm index.nginx-debian.html;

server_name _;

location / {
try_files $uri $uri/ =404;
}
}

Since we already have the Nginx default server block with the default_server attribute in the server block, we are going to delete the attribute in our domain and have :

server {
listen 80;
listen [::]:80;

. . .
}

We are then going to adjust the path to our document root and point it to our server’s document root

server {
listen 80;
listen [::]:80;

root /var/www/linuxtechwhiz.info/html;

}

Modify the server_name attribute to match our domain

server {
listen 80;
listen [::]:80;

root /var/www/linuxtechwhiz.info/html;
index index.html index.htm index.nginx-debian.html;

server_name linuxtechwhiz.info www.linuxtechwhiz.info;

location / {
try_files $uri $uri/ =404;
}
}

Close and exit the configuration file

We are then going to enable the server block by issuing the following command

$ sudo ln -s /etc/nginx/sites-available/linuxtechwhiz.info /etc/nginx/sites-enabled/

To ensure that there are no syntactical errors in any of our Nginx files, execute

$ sudo nginx -t

Output

Great!! Let’s now restart Nginx server

$ sudo systemctl restart nginx

To verify that Nginx is running execute

$ sudo systemctl status nginx

Output

Step 5 – Encrypting Webmin

The final section is securing Webmin to encrypt communication between the browser and the server.

Click on the ‘Webmin‘ tab as shown below

webmin tab

Select ‘Web configuration‘ in the drop-down menu that appears

webmin configuration

Click on SSL ‘Encryption‘ option

webmin ssl encryption tab

webmin ssl encryption tab

Next, we are going to Click on the  ‘Let’s  Encrypt‘ tab.

Fill out the hostname in the hostname tab and  Thereafter click on ‘Request Certificate‘.

Webmin will begin generating  Let’s encrypt SSL certificate and store the validation file in the website directory.

Let's encrypt certificate request

Let’s encrypt certificate request

Now head back to your server’s Webmin URL and refresh the browser. Notice that the connection to the Webmin server is encrypted.

encrypted webmin login

encrypted webmin login

You can now log in securely and access the dashboard

webmin dashboard

webmin dashboard

If you are a little curious and want to view Let’s encrypt certificate information, click on the padlock symbol and select ‘Certificate valid‘ option

ssl certificate tab

ssl certificate tab

Certificate Information

ssl certificate info

ssl certificate info

if you’ve come this far, we trust that you were able to install Webmin on your domain and encrypt the connection with Let’s Encrypt SSL. Your feedback is most welcome.

Thank you for your time and keep it FOSSLinux!

You may also like

2 comments

Daniel February 6, 2020 - 3:04 PM

Thank you , a real life-saver. I spent the whole morning going through one tutorial after another.. this one helped! Turned out that the last step I had to do in Firefox as Chrome kept kicking me out of webmin after the first click…!

Reply
Mehdi Hussain March 3, 2020 - 8:08 AM

Hi, Loved your tutorial! Just had one minor problem, while the SSL does work on port https://domain:10000, it does not work on the actual Website https://domain. Any Help would be much Appreciated!

Reply

Leave a Comment

fl_logo_v3_footer

ENHANCE YOUR LINUX EXPERIENCE.



FOSS Linux is a leading resource for Linux enthusiasts and professionals alike. With a focus on providing the best Linux tutorials, open-source apps, news, and reviews written by team of expert authors. FOSS Linux is the go-to source for all things Linux.

Whether you’re a beginner or an experienced user, FOSS Linux has something for everyone.

Follow Us

Subscribe

©2016-2023 FOSS LINUX

A PART OF VIBRANT LEAF MEDIA COMPANY.

ALL RIGHTS RESERVED.

“Linux” is the registered trademark by Linus Torvalds in the U.S. and other countries.