Letsencrypt Autorenew does not work since issuer changed to R3

Hello,

Since Letsencypt issuer changed to R3 the Autorenew is not working. The problem seems to be in /usr/libexec/webmin/virtual-server/feature-ssl.pl Function apply_letsencrypt_cert_renewals()

    # Is the current cert even from Let's Encrypt?
    next if ($info->{'issuer_cn'} !~ /Let's\s+Encrypt/i);

A possible fix:

    # Is the current cert even from Let's Encrypt?
    next if ($info->{'issuer_cn'} !~ /Let's\s+Encrypt/i  &&  $info->{'issuer_cn'} !~ /R3/i);

Many thanks.

Status: 
Active
Virtualmin version: 
6.14
Webmin version: 
1.962

Comments

Ilia's picture
Submitted by Ilia on Thu, 02/18/2021 - 12:59

Assigned: Unassigned ยป

Hi,

Thanks for the heads up.

Jamie has already fixed this bug for upcoming Virtualmin 6.15.

When will that fix be released? I've already been bitten by this bug twice and have other renewals coming up quite soon.

Ilia's picture
Submitted by Ilia on Sun, 02/21/2021 - 04:50

This should be fixed within next 10 days, as we release Virtualmin 6.15.

I'm starting to get a few R3 certificates expiring , a manual renewal seems to still work with 6.14. Great to see you have this patched for the 6.15 release.

In the mean time, is there a way to list all certificates by their expiry date, so that I can manually renew any which are expiring soon?

To answer my own question, this does exactly what I needed:

virtualmin list-certs-expiry --all-domains