Hi Andrea,
I've actually seen this exact problem myself too - for some reason, when Apache proxies a request to an SSL server, it won't pass the cookies along, which breaks Webmin's cookie-based authentication.

The only work-arounds are :

  1. Turn off SSL. Since you are connecting to Webmin over your internal network only, you don't really need it.
  2. Switch to regular HTTP authentication mode, by going to Webmin -> Webmin Configuration -> Authentication and selecting Disable session authentication.
 - Jamie

On 23/May/2007 01:45 Andrea Lanza wrote ..

Hi all.

My problem is the following: I have to manage several servers into a publically unreachable private intra-network.

One server of this network is publically NAT-ted, and I can reach it via browser (on the apache server and on the webmin server)


I tried to configure name-based reverse proxy in apache in order to reach all the internal servers (both apache and webmin server)


The apache part works perfectly, and I can reach all the internal apache servers


I configured name based virtual hosts on the apache listening port 11000, in http, and I tried to reverse to the internal https:10000 port.


I succeded in getting the internal webmin logon page, but as I entered user/pass I got an internal server error.


This is the configuration I am using (scrambled names):


cat internalserver-11000.conf

# BEGIN Virtual Host internalserver

<VirtualHost *:11000>

    SSLProxyEngine on

    ServerName internalserver

    ServerAlias internalserver.domain.dom


    ErrorLog /var/log/apache2/internalserver -error_log

    CustomLog /var/log/apache2/internalserver -access_log combined


    ProxyPreserveHost On

    ProxyPass /

    ProxyPassReverse /



I think the problem could be due to the https-->http reverse translation.


If I DISABLE the ssl engine on the internal webmin servers and I modified the reverse proxy configuration file into:


    ProxyPass /

    ProxyPassReverse /



everything works fine, I can logon to the internal webmin servers with no problem


What am I doing wrong in using ssl reversed ?


Thanks in advance,