Question
I'm struggling with different methods of making Webmin secure, and choice is key(certificate)based browser authentication with password one disabled.
I'm stacked at point where browser gets and stores by Webmin generated client certificate (I've tried with FF and Chorme), and should, according to docs, be able to login without asking for username and password.
It doesn't happens.
What is wrong?
What have I done so far:
I was following procedure introduced in Webmin docs.
Created new CA certificate from Webmin->configuration->Certificate Authority and got message
"Your certificate authority has been setup successfully. Users can now use the Webmin Users module to request certificates for themselves."
After that, I have requested SSL certificate under Webmin->webmin users->Request Certificate and got:
Your certificate for {myname} has been successfully generated.
and link to option:
Click here to pick up your certificate and install it in your browser
when I click on that, my browser (Chrome) says:
Successfully stored client certificate issued my {my issuer name}
and gives me option to see info about stored certificate.
Now, instead of being simple logged in and redirected whenever I show up on login page, it doesn't happen. I have checked various setting under Webmin and I think all it is browser-side to blame.
Solution
The documentation mentions that client certificates only work reliably in Firefox.
https://stackoverflow.com/questions/22149713
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
Russian"Once this is done, each Webmin user can create a private SSL client key
and certificate. At the time of writing, this is only known to work
reliably with Firefox-based browsers."
