In this tutorial, you will learn how to install an SSL certificate on Webmin. Webmin doesn’t serve websites by itself. It gives you a browser-based control panel for the Apache web server running on your machine, so this guide covers enabling SSL for an Apache virtual host through the Webmin interface.
We also recorded a video that walks you through the entire process. You can watch it below, read the instructions, or do both.
Generate a CSR code on Webmin
If you’ve already generated a CSR code, skip this section and go straight to the installation steps.
When you apply for an SSL certificate, one of your first steps is to generate a Certificate Signing Request (CSR) and send it to the Certificate Authority. The CSR is a small block of text containing the necessary details about your domain and organization.
Certificate Authorities use the CSR to verify the applicant. If the information inside the CSR is correct and up to date, the CA signs and issues your SSL certificate. You have two options:
- Use our CSR Generator to create the CSR automatically.
- Follow our step-by-step tutorial on how to generate a CSR in Webmin.
When you generate the CSR, the system also creates the matching private key. Keep it safe, because you’ll need it during installation. Copy the CSR code, including the BEGIN and END tags, into a plain-text editor such as Notepad. The block looks like this:
-----BEGIN CERTIFICATE REQUEST-----
(your CSR data)
-----END CERTIFICATE REQUEST-----
Install an SSL certificate on Webmin
Once the Certificate Authority has validated your request and sent you the certificate files, it’s time to install them on your Webmin server.
Step 1: Prepare your SSL files
Download the ZIP archive from the CA and extract it on your local computer. You should have the following files:
- yourdomain.crt, your primary SSL certificate.
- yourdomain.ca-bundle, your root and intermediate certificates (the CA bundle).
- yourdomain.key, the private key created when you generated the CSR.
Note: wherever you see yourdomain in the file names below, substitute your actual domain (for example, example_com).
Step 2: Upload your files
- Log in to your Webmin server in a web browser.
- In the left-hand menu, click Others and then select Upload and Download.
- On the main page, open the Upload to server tab.
- In the Files to upload section, add your primary certificate (the .crt file) and your CA bundle (the .ca-bundle file). Set the destination directory where you want them stored, then upload. Make a note of that path; you’ll reference it in Step 3.
If your private key isn’t already on the server, upload it the same way and keep it readable only by the root user.
Step 3: Configure Apache through Webmin
- If Apache isn’t installed yet, use the Un-used Modules menu in the left pane to install it.
- Go to Servers > Apache Webserver, and on the main page open the Global Configuration tab.
- In Global Configuration, click the Configure Apache Modules icon.
- A list of Apache modules opens. Find and tick the ssl checkbox, then click Enable Selected Modules.
- When the Apache Webserver page reloads, click Create virtual host and set the following:
- Port: select 443 (the default port for HTTPS).
- Server Name: specify your domain name.
- Document Root: enter the path to your document root folder.
- Click Create Now to add the new virtual host.
- An Existing virtual hosts tab appears. Locate the host you just created and click the globe icon next to it.
- On the Virtual Server Options page, choose SSL Options, set the parameters below, and click Save:
- Enable SSL?: select the Yes radio button.
- SSL protocols: disable the obsolete SSLv2, SSLv3, TLSv1, and TLSv1.1 protocols, and keep only TLSv1.2 and TLSv1.3 enabled. (Older guides stop at disabling SSLv2/SSLv3, but TLS 1.0 and 1.1 are also deprecated in 2026.)
- Certificate/private key file: enter the server path to your primary certificate (.crt) and your private key (.key, generated alongside the CSR).
- Certificate authorities file: enter the server path to your CA bundle (.ca-bundle) file. This sends the intermediate certificates so browsers can build a complete chain of trust.
Step 4: Restart Apache
To apply the new configuration, restart Apache. In the left pane, go to System > Bootup and Shutdown, tick the Apache checkbox, scroll to the bottom of the page, and click Restart.
If you prefer the command line (for example, over SSH), you can restart Apache directly instead:
sudo systemctl restart apache2 # Debian/Ubuntu
sudo systemctl restart httpd # CentOS/RHEL/AlmaLinux
That’s it. You’ve successfully added an SSL certificate to your Webmin server.
Want to redirect visitors to HTTPS automatically? Once you’ve confirmed the secure site works, set up an HTTP-to-HTTPS redirect so no one lands on the unencrypted version. See our guide on how to switch from HTTP to HTTPS.
Test your SSL installation
After installing the certificate, it’s highly recommended to test the result for misconfigurations or missing intermediates. Use one of our SSL Checker to scan your website and get an instant report.
You can also verify the certificate from any machine with OpenSSL. This prints the issuer and the validity dates of the certificate your server is serving:
echo | openssl s_client -connect yourdomain.com:443 -servername yourdomain.com 2>/dev/null | openssl x509 -noout -issuer -dates
Where to buy the best SSL certificate for Webmin?
If you’re looking for a great shopping experience, SSL Dragon is your best SSL seller. Our intuitive, user-friendly website guides you smoothly through the entire range of SSL certificates. All our products are issued by reputable Certificate Authorities and are fully compatible with Webmin.
Enjoy some of the lowest prices on the market and dedicated customer support for any certificate you choose.
And if you’re struggling to find the perfect certificate for your website, use our SSL Wizard and Advanced Certificate Filter tools to get a helping hand.
Frequently Asked Questions
Webmin is a control panel; it doesn’t serve web pages itself. When you install an SSL certificate “on Webmin,” you’re really configuring the Apache web server through Webmin’s graphical interface. The certificate is applied to an Apache virtual host, and Webmin simply writes the underlying Apache configuration for you.
That’s a separate task from securing your website. To put your own certificate on the Webmin login interface, go to Webmin > Webmin Configuration > SSL Encryption and upload (or paste) your private key and certificate, plus the CA/intermediate file. Webmin stores its combined key and certificate in /etc/webmin/miniserv.pem. After changing it, restart Webmin from the command line so the new certificate loads:sudo systemctl restart webmin
# or, on systems without systemd:
sudo /etc/webmin/restart
Go to Servers > Apache Webserver, open your port 443 virtual host by clicking its globe icon, then choose SSL Options on the Virtual Server Options page. The ssl Apache module must be enabled first, or the SSL Options page won’t be available.
Yes. Point the Certificate authorities file field at your .ca-bundle file so Apache sends the intermediate certificates with your primary certificate. Without the chain, some browsers and clients show a “certificate not trusted” error even though the certificate itself is valid.
Enable only TLS 1.2 and TLS 1.3. Disable SSLv2, SSLv3, TLS 1.0, and TLS 1.1 in the SSL protocols field; they’re deprecated and considered insecure in 2026. Modern browsers already refuse the older protocols, so keeping them on only adds risk.
Bottom line
Installing an SSL certificate on Webmin comes down to uploading your .crt and .ca-bundle files, enabling the ssl Apache module, configuring a port 443 virtual host with the certificate, key, and CA bundle paths in SSL Options, and restarting Apache.
Need a certificate first? Browse our SSL certificates.
Save 10% on SSL Certificates when ordering from SSL Dragon today!
Fast issuance, strong encryption, 99.99% browser trust, dedicated support, and 25-day money-back guarantee. Coupon code: SAVE10


