From: Jamie C. <jca...@we...> - 2002-05-27 01:07:58
|
Stewart Thompson wrote: > > Chris: > > I set mine up to use port 10000 internally and used Stunnel to redirect > port 10001 > externally to port 10000. Then I use https to serverip:10001. This works, > however there is > a small problem in the transition from the login.cgi to regular Webmin > operation, It fails. > If I immediately reconnect (not refresh) it re-establishes the secure > connection and everything > seems to work fine after that. The lock appears in the task bar which > indicates secure communication. > I am still figuring out Stunnel, however I am using the following command at > the moment. > > $STUNNEL -d $EXTIP:10001 -r 10000 > > Jamie: > > Any suggestions on how to make this transition smoother? > > This may seem like a funny way of doing it. I allow people on the internal > secure network > to do local administration with just the regular port 10000. However, when I > come in across the > Internet, I want it to be secure. Hope that helps. There are going to be problems with this, because whenever webmin does a redirect (such as when logging in) it will redirect to the wrong kind of URL (http:// instead of https://) because it doesn't know that it is in SSL mode. Redirects are also used in lots of places throughout the code, so even if you get past the login page it will still be a problem. Instead of using stunnel, you could instead run two separate webmin webservers, one in SSL mode and one in normal mode. This can up on the list recently - do a search of the list archives and you should find the post that explains how to do it. - Jamie |