Step 1 — Installing Webmin
First, we need to add the Webmin repository so that we can easily install and update Webmin using our package manager. We do this by adding a new file called /etc/yum.repos.d/webmin.repo that contains information about the new repository.
Create and open this new file using your text editor:
sudo vi /etc/yum.repos.d/webmin.repo
Then add these lines to the file to define the new repository:
/etc/yum.repos.d/webmin.repo [Webmin] name=Webmin Distribution Neutral #baseurl=http://download.webmin.com/download/yum mirrorlist=http://download.webmin.com/download/yum/mirrorlist enabled=1
Save the file and exit the editor. Next, add the Webmin author’s PGP key so that your system will trust the new repository:
wget http://www.webmin.com/jcameron-key.asc sudo rpm --import jcameron-key.asc
Note: Before you install Webmin, make sure you have set a password for the root user by running sudo passwd, as you will need this to log in to Webmin later. You can now install Webmin:
sudo yum install webmin
Once the installation finishes, you will see the following message in the output:
Webmin install complete. You can now login to https://your_domain:10000/
as root with your root password.
Step 2 — Adding a Valid Certificate with Let’s Encrypt
Webmin is already configured to use HTTPS, but it uses a self-signed, untrusted certificate. Let’s replace it with a valid certificate from Let’s Encrypt.
Navigate to https://your_domain:10000 in your web browser, replacing your_domain with the domain name you pointed at your server.
Note: When logging in for the first time, you will see an “Invalid SSL” error. This is because the server has generated a self-signed certificate. Allow the exception to continue so you can replace the self-signed certificate with one from Let’s Encrypt.
You’ll be presented with a login screen. Sign in with the username root and your current password for the root user.
Once you log in, the first screen you will see is the Webmin dashboard. Before you can apply a valid certificate, you have to set the server’s hostname. Look for the System hostname field and lick on the link to the right, as shown in the following figure:
This will take you to the Hostname and DNS Client page. Locate the Hostname field, and enter your Fully-Qualified Domain Name into the field. Then press the Save button at the bottom of the page to apply the setting.
After you’ve set your hostname, click on Webmin on the left navigation bar, and then click on Webmin Configuration.
Then, select SSL Encryption from the list of icons, and then select the Let’s Encrypt tab. You’ll see a screen like the following figure:
Using this screen, you’ll tell Webmin how to obtain and renew your certificate. Let’s Encrypt certificates expire after 3 months, but we can instruct Webmin to automatically attempt to renew the Let’s Encrypt certificate every month. Let’s Encrypt looks for a verification file on our server, so we’ll configure Webmin to place the verification file inside the folder /var/www/html, which is the folder that the Apache web server you configured in the prerequisites uses. Follow these steps to set up your certificate:
Fill in Hostnames for certificate with your FQDN.
For Website root directory for validation file, select the Other Directory button and enter /var/www/html.
For Months between automatic renewal section, deselect the Only renew manually option by typing 1 into the input box, and selecting the radio button to the left of the input box.
Click the Request Certificate button. After a few seconds, you will see a confirmation screen.
To use the new certificate, simply reload the page. Your browser should now indicate that the certificate is valid.