It is currently not possible to install Virtualmin due to a certificate error:
ERROR: The certificate of ‘software.virtualmin.com’ is not trusted.
ERROR: The certificate of ‘software.virtualmin.com’ hasn't got a known issuer.
chmod: cannot access 'slib.sh': No such file or directory
install.sh: line 297: ./slib.sh: No such file or directory
Submitted by JamieCameron on Sun, 01/10/2021 - 00:29 Comment #1
That's odd, the cert looks valid to me. If you open https://software.virtualmin.com/ in your browser, do you get any cert error?
Yes, I did check using a Web browser and it appears valid.
My issue is happening via the cli.
Submitted by JamieCameron on Sun, 01/10/2021 - 02:09 Comment #4
Which Debian or Ubuntu version are you running there?
I'm using Centos 8.
It looks that you haven't installed and/or upgraded
Submitted by amjad9633 on Sun, 01/10/2021 - 03:40 Comment #8
I have the same problem and get this message
ERROR: cannot verify software.virtualmin.com's certificate, issued by ‘/C=US/O To connect to software.virtualmin.com insecurely, use `--no-check-certificate'. chmod: cannot access ‘slib.sh’: No such file or directory install.sh: line 297: ./slib.sh: No such file or directory
In my case, I am using the Cloudmin image for CentOS 8. I then ran:
Then tried to install Virtualmin and got my original error.
Just to make sure that ca-certificates is installed:
dnf install ca-certificates
Last metadata expiration check: 0:53:29 ago on Sun 10 Jan 2021 09:20:17 GMT.
Package ca-certificates-2020.2.41-80.0.el8_2.noarch is already installed.
Nothing to do.
dnf info ca-certificates
Last metadata expiration check: 0:58:29 ago on Sun 10 Jan 2021 09:20:17 GMT.
Name : ca-certificates
Version : 2020.2.41
Release : 80.0.el8_2
Architecture : noarch
Size : 927 k
Source : ca-certificates-2020.2.41-80.0.el8_2.src.rpm
Repository : @System
From repo : BaseOS
Summary : The Mozilla CA root certificate bundle
URL : https://fedoraproject.org/wiki/CA-Certificates
License : Public Domain
Description : This package contains the set of CA certificates chosen by the
: Mozilla Foundation for use with the Internet PKI.
Submitted by amjad9633 on Sun, 01/10/2021 - 04:34 Comment #10
It seems like a general problem!
I'm getting this on two machines in different locations.
# openssl s_client -connect software.virtualmin.com:443
depth=0 CN = software2.virtualmin.com
verify error:num=20:unable to get local issuer certificate
depth=0 CN = software2.virtualmin.com
verify error:num=21:unable to verify the first certificate
0 s:CN = software2.virtualmin.com
i:C = US, O = Let's Encrypt, CN = R3
subject=CN = software2.virtualmin.com
issuer=C = US, O = Let's Encrypt, CN = R3
No client certificate CA names sent
Peer signing digest: SHA256
Peer signature type: RSA
Server Temp Key: ECDH, P-256, 256 bits
SSL handshake has read 2069 bytes and written 447 bytes
Verification error: unable to verify the first certificate
New, TLSv1.2, Cipher is ECDHE-RSA-AES256-GCM-SHA384
Server public key is 2048 bit
Secure Renegotiation IS supported
No ALPN negotiated
Protocol : TLSv1.2
Cipher : ECDHE-RSA-AES256-GCM-SHA384
PSK identity: None
PSK identity hint: None
SRP username: None
TLS session ticket lifetime hint: 7200 (seconds)
TLS session ticket:
Start Time: 1610274551
Timeout : 7200 (sec)
Verify return code: 21 (unable to verify the first certificate)
Extended master secret: no
Okay, I have taken a closer look and indeed our certificates are not well based on the output of:
I will assign this to Joe to have a look.
Thank you Ilia.
Submitted by amjad9633 on Sun, 01/10/2021 - 08:43 Comment #14
do you have any ETA on this? Thank you!
This was fixed. Thanks for the heads up.
Thanks for resolving this - on a Sunday too!
Submitted by IssueBot on Sun, 01/24/2021 - 13:30 Comment #17
Automatically closed - issue fixed for 2 weeks with no activity.