I was wondering if Virtualmin has an imposed limit on the number of domains that can get certificates from LetsEncrypt. I'm not talking here about the weekly rate limit at which LetsEncrypt emits new certifications to avoid abuse, but a fixed limit per account on the server.
I found out that cPanel has a maximum of 100 certs/domain per account. So for example, if you add 101 parked domains, none above 100 that will get certified. This does not seem to be a limit on LetsEncrypt unless I'm not aware since cPanel allows 250 with their Comodo partnership.
I obviously have a lot of alias for a brand, more than 100 domains. It makes no sense to create a new account for them as they redirect to the same page, hence alias or parking. Is someone aware if Virtualmin has a similar limit?
Also, I'm not sure if this a bug or not but once you upgrade to Virtualmin Pro you have a reset or recover password button in the Webmin/Usermin login page. While you can remove this from Webmin, I didn't find a setting for Usermin. This is completely undesired. Why would I want to pay to make my installation more insecure? I don't want any sort of recover/reset a password on the login interface, it is not there on GPL but its there on PRO.
https://letsencrypt.org/docs/rate-limits/
Any limits are generally a LE limitation, not the hosting panel software's.
You didn't even bother to read what I posted above. This is not related to the rate limit on LetsEncrypt ( the speed at which they issue certs). Neither are these subdomains certificates, but full example.com domains so they get their own certificate. I can just create a second cPanel account and get certs fine.
Actually, I did read what you posted. You said yourself that cpanel limits to 100 domains per cert with LE, but 250 with Comodo. Where do you think the limit is coming from?
Just to do the rest of your homework for you -> https://comodosslstore.com/au/comodo-mdc-ssl.aspx
So you are saying that both Comodo and LE just install one single SAN Certificate per account for all domains?
I haven't had to do what you are requiring, but yes, the documentation for LE seems to support that being the case.
That seems rather strange. I had SAN certificates before, and while you can use different domains, you still have to verify they belong to the same organization/company, and the problem is they are also limited. For example, you cannot buy a SAN for 1000 domains. They are limited to 250 usually which means getting 4 SAN.
I had the impression LetsEncrypt emits one certificate per each unique different domain, but I could be wrong. Maybe the way it works on cPanel is that they request one single SAN certificate per Apache vhost account instead of individual certs for different domains. This could be the problem. I will look into that later.
Virtualmin doesn't impose any artificial limits on LE certificates. There may be limits to how many certificates can realistically be maintained on a single IP address because of the rate limits they impose on renewals, but it would be very high, i would think.
Password recovery is just another module. You can install it on any Virtualmin installation. It's called wbm-virtualmin-password-recovery on CentOS/RHEL or webmin-virtualmin-password-recovery on Ubuntu/Debian.
--
Check out the forum guidelines!
Thanks, I will try uninstalling them.