In the previous part, we've explained what SSL is and how it works. In the second part, we'll take a look at how to obtain this certificate and how to install it using Virtualmin/Webmin.
Where to Get SSL?
There are more ways to obtain an SSL certificate. However, if we want our certificate to be perceived as safe by users other than us (i.e. it is not intended for private purposes only, but also e.g. for HTTPS on a web server), then we need to contact the so-called Certification Authority (CA).
CA is an organization that provides SSL certificates to its clients and guarantees that these certificates are true and correct (it "signs" them). If the certificate does not bear a signature from one of the trusted CAs, the browser evaluates it as dangerous, and it notifies the user about the risks associated with it (it could be a certificate that is forged by the attacker).
So, we want to have a certificate from a trusted CA on the server, which will ensure the credibility of the site and its proper functioning in relation to clients.
For the purposes of this manual, we will use the CA called Let's Encrypt. It is a CA that works on open source principles and offers certificates for free. It is trustworthy and its services are really high quality. Let's take a look at how to easily get and install certificates from this CA.
SSL Certificate Installation
Thanks to modern web administration interfaces, SSL certificate installation is very easy and available to ordinary users without deeper knowledge of the operating system or its components.
Let's take a look at how easy it is - literally, with a few clicks - to install an SSL certificate into the most common administration panels that you can also find on our servers.
In the Webmin/Virtualmin administration panel interface, we first switch to the Virtualmin interface. Then we select Edit Virtual Server from the menu and tick the Apache SSL website enabled check box in the Enabled Features section. (Note: If you use a web server other than Apache, this checkbox will only be labelled SSL website enabled.)
Enabling SSL on the Virtualmin panel
After the changes are saved, the configuration changes are made and we can move further.
Let’s Encrypt. In the left menu, we select Server Configuration and find SSL Certificate there. After clicking it, a window appears and we find Let's Encrypt at the top right.
A window appears and we can choose whether to request an SSL certificate only for the domain that is listed as the main domain of the respective virtual server or also for other ones - in such a case we choose the second option (this applies to the cases where we host multiple domains on one server and we want an SSL certificate for each of them).
There is also a choice of whether we want an automatic renewal of the certificate or whether we will renew the certificate manually. We recommend setting up an automatic renewal, but it is up to you, of course. For automatic renewal, two months are set by default, which also doesn't need to be changed.
Requesting SSL certificates
Once we have everything set up, we'll request the certificate to be issued with the Request Certificate button. It will be then requested and installed automatically.