Re: webmin gives 403 error
Quoting Felix Laate <felix@enternett.no>:
> Hi there..
>
>
> >> I've installed webmin (and som 15 webmin-* modules) via apt-get. When
> >> I go to https://mydomain.com:10000 I get the SSL-certficate question
> >> (as I should). But then (after answering "yes") I get a 403 error
> >> "Error - Access denied for _my_IP_".
> >>
> >> I looked in hosts.deny, but there is no rule there that could inflict
> this.
> >> I looked at the programfiles (located in /usr/share/webmin) and they
> >> seem to have correct permissions.
> >>
>
> >Did you replace the default ssl-cert with Apache/webmin/ssl, whatever?
>
> Eh.. nope! Should I have?
>
>From the default /etc/apache/ssl.crt/server.crt:
THIS FILE HAS TO BE REPLACED BY A REAL SERVER CERTIFICATE! (SKIPME)
>From /etc/apache/ssl.crt/README.CRT:
o server.crt:
This is the server certificate for Apache/mod_ssl, configured with the
SSLCertificateFile directive. Per default this is a dummy file, but may be
overwritten by the `make certificate' target under built-time.
o snakeoil.crt:
This is the _DEMONSTRATION ONLY_ `Snake Oil' dummy server certificate.
NEVER USE THIS FOR REAL LIFE! INSTEAD USE A REAL CERTIFICATE!
I don't recall if SSL has similar warnings, but it probably does. To
answer your question, yes, you should replace them. I am not certain
if that is causing your 403 error, but then I don't know apache's default
behavior without a proper SSL certificate installed. That being said it
makes sense as a failsafe to refuse to serve the page over SSL without
being able to establish a proper connection.
-Roberto
--
Roberto C. Sanchez
http://familiasanchez.net/~sanchezr
Reply to: