Fixing SSL Chain Certificate Errors in Virtualmin
For a lot of our clients we use the free SSL supplied by Cloudflare, but in some cases that is not possible and we need to buy a certificate.
One of the issues we have encountered when using Virtualmin is that it doesn’t appear to install the SSL correctly and the chain.crt file is missing. This then causes security errors in some browsers or some web services such as Facebook.
This post is how to fix them, and we hope it helps other small web development companies fix this potential issue. At the very least it is a helpful guide to remind us what to do, as we wasted an hour researching how to fix it the second time we did it. It is a very easy fix when you know what to do, and takes just a few minutes. Assuming you have enabled SSL on the site and installed the certificate do the following:
- Check if you have working chain certificate via https://whatsmychaincert.com/
- If you don’t have w working one, the website will give you an option to download it.
- Upload the certificate to the server, we usually put it in the same folder as the actual SSL certificate, but you could place it elsewhere.
- Connect to your server via SSH
- Sudo nano into the websites config file, this will be something like /etc/apache2/sites-available/domain.co.uk.conf
- In our case, we had to scroll all the way to the bottom of this file until you see the section with SSLEngine on
- And the line SSLCertificateFile /path/to/example.com.crt
- Ctrl – x to exit and yes to save
- Reload apache
The website should now have a fully working SSL certificate.