SSL Certificates on Webmin
Installing SSL Certificates on a Webmin based Email server
These notes are assuming that your certificate is created as a chained certificate where the domain certificate and CA entries are chained into a single certificate (minus the key).
If your certificate provider sends you separated certificates you can create a chained certificate from them. The order goes from the most specific certificate (i.e. for your site) through intermediate certs to the internet root certificate…
cat mysite.crt intermediate.crt root-or-ca.crt >mysite-chained.crt
DOVECOT
Certificate and Key should be uploaded to the home directory for the domain:
e.g. /home/mysitename/mydomain.crt and mydomain.key
The files should be owned by root with 600 permissions.
cd /home/mysitename/
chown root mysitename.*
chmod 600 mysitename.*
You then want to go to:
VirtualMin>"mysitename.ca">Manage Virtual Server
- click Update Cert and Key
- click Copy SSL Certificates to Services
This will copy and or replace the certificate at:
/etc/ssl/virtualmin/1234-unique-number/ssl.combined
Go to:
Webmin>Servers>Dovecot>Edit configs
Adjust the file dovecot.conf as needed.
Pay special attention to the following entry at the bottom of that configuration file.
local_name mail.mysitename.ca {
ssl_cert = </etc/ssl/virtualmin/###123456###/ssl.combined
ssl_key = </home/mysitename/mysitename_ca.key
}
You should also also check the configuration file 10-ssl.conf and comment out any redundant sections you find.
POSTFIX
Postfix should also be checked from the control panel interface to make sure that the certificate and key have been added correctly.
Webmin>Postfix>SMTP Authentication and Encryption
Finally, either reboot the whole server or at least restart the services for Dovecot and Postfix.