These forums are locked and archived, but all topics have been migrated to the new forum. You can search for this topic on the new forum: Search for Letsencrypt Cert for Webmin/Virtualmin panel itself on the new forum.
Hi, quite a newbie here. I have installed successfully Virtualmin on CentOS 7 and am running Nextcloud, Wordpress and Lime Survey with it. Everything is working out great. Webmin/Virtualmin itself has the domain virtualmin.domain.tld, nextcloud cloud.domain.tld. and so on. It was no problem to get the letsencrypt Cert for the applications with the help of the built-in SSL functions of Virtualmin.
My question: How can I get a Letsencrypt certificate for virtualmin.domain.ltd, in other words Webmin/Virtualmin itself? I got stuck at Webmin/Webmin Configuration/SSL/Letsencrypt. The documentation https://doxfer.webmin.com/Webmin/Let%27s_Encrypt does not really help.
Any ideas?
@kosmonaut_75
Hi, you should be able to do this easy. if you have host virtualmin.domain.tld then issue the ssl cert for domain.tld. once the cert is issued and in a place then go to the tab > Current SSL certificate and there use buttons > COPY to webmin, virutalmin mail etc.. copy it for whatever service you need it. Once ssl cert is copied, you can load virtualmin.domain.tld:your-port with lets encrypt ssl cert without problem and also when that cert will be renewed, virtualmin will copy new cert automatically. I will give you some screenshots so you know where to look.. just give me few moments.
Edit: Attached screenshots
As seen on screenshot you can follow it (I am not on centos but I believe that its same for all distros).
original img size
original img size
Im in hope that this helped you or someone else, somehow.. Have good day :)
Configuring/troubleshooting Debian servers is always great fun
Thank you so much! It works like a charm!
Great @kosmonaut_75, keep virtualmin great by using it and sharing the knowledge somehow :) - if you could... thanks.
Configuring/troubleshooting Debian servers is always great fun
Problems with Copy to Dovecot button
SSL Certificate In domain MyDomain.com
Copying certificate and key to Dovecot files .. .. wrote out certificate and CA in /home/me/domains/sub.MyDomain.com/ssl.cert, and key in /home/me/domains/sub.MyDomain.com/ssl.key Enabling SSL in Dovecot configuration .. .. done
Why is it copying cert/key to a subdomain that it is not listed in Domain names listed here?
After doing that Copy to Dovecot button is still there and This SSL certificate is already being used by : Webmin, Usermin, Postfix, ProFTPD
Dovecot is not listed.
Moreover, from Dashboard I see Dovecot IMAP / POP3 Server has stopped and won't start.
From log file:
config: Warning: /etc/dovecot/dovecot.conf line 224: Global setting ssl_cert won't change the setting inside an earlier filter at /etc/dovecot/dovecot.conf line 105 (if this is intentional, avoid this warning by moving the global setting before /etc/dovecot/dovecot.conf line 105)
Same for key
sub.MyDomain.com has its own cert/key
I don't remember but it is possible I tried in the past to include sub.MyDomain.com cert in MyDomain.com cert. At this time it is not listed.
Looking at dovecot.conf I see confs like
local_name domain.com {
ssl_cert = </home/domain/ssl.cert
ssl_key = </home/domain/ssl.key
}
That sub.MyDomain.com was not included in its local_name. Both cert/key were isolated so I manually included them in their own local_name
Started Dovecot service again but failed.
Rebooted and it was running again.
But Copy to Dovecot button is still there despite
local_name MyDomain.com {
ssl_cert = </home/me/ssl.cert
ssl_key = </home/me/ssl.key
}
is included in dovecot.conf
Copy certificate to Postfix/dovecot....and right there is where things go pearshaped.
I never copy virtual server SSL certs to Postfix. Postfix is not running from virtual server, it's running from webmin. Copying a virtual server SSL to Postfix over writes your webmin postfix ssl cert for the vps server itself. I am thinking You don't want to do that if you are hosting multiple domains on a single shared IP address that belonged to the server itself.
https://ajecreative.com.au