I have two servers, one running Centos 5 and the other running Debian 6 and both have Webmin 1.587 and Virtualmin 3.91.gpl GPL. On the Centos server, when I set up a certificate authority (Webmin > Webmin config > Certificate authority) everything works fine. I can then add a certificate to the root user and log in using certificate authentication instead of password authentication.
But with the Debian 6 server, as soon as I enable the certificate authority, I am unable to access Webmin with Firefox or Google Chrome. Every page I try to access times out, even if I restart the browser or delete all of the user SSL certificates. I even tried restarting the computer just in case something was somehow messing things up even between sessions. However I am still able to access it using the Rekonq browser and shut down the certificate authority, and as soon as I do that I can access it again in both Chrome and Firefox.
I don't even know how to debug this. When I use http://web-sniffer.net/ both the response headers and the HTML look exactly the same when the certificate authority is turned on and turned off, so I don't even know how the browsers know the difference. Any ideas how I can get this working?
Note, this looks like a problem ONLY with webmin and not with Apache on the same server. I set up the following VirtualHost
DirectoryIndex index.html index.htm index.php index.php4 index.php5
Options -Indexes +IncludesNOEXEC +FollowSymLinks
allow from all
and this works correctly. It prompts me for a certificate and if I cancel it, it continues to load the page.
If nobody knows, I guess I'll have to submit a bug report.