Virtualmin overwrites letsencrypt Webmin certificate

5 posts / 0 new
Last post
#1 Thu, 09/19/2019 - 11:19

Virtualmin overwrites letsencrypt Webmin certificate

Hei, im on a fresh installed ubuntu 18.04 server distro with nginx as webserver and webmin / virtualmin installed to administrate my own additional domains. I use afraid for my dynamic ip and my domains are updated there with ns1 ns2 .. nameservers. Probably all works fine until I add my first virtual server and letsencrypt to that domain that’s used for the first virtual server. My webmin is installed with and letsencrypt to secure sessions I spend on webmin so and works fine and are ssl crypted (green). If I add my first virtual server to virtualmin and run letsencrypt to secure the domain associated to the first virtual server ( lets name it then my first domain ( that’s used to webmin control panel gets broken and I get this error on firefox: Error code: SSL_ERROR_BAD_CERT_DOMAIN. If I open the certificate for then I see as CN. To make it more strange, works fine with that cert and CN is but if I remove port :10000 and use this domain as is without webmin port, my cert shown the cert from first virtual host. Adding .. works fine all run on letsencrypt, if I remove the gets the same error but then from virtual host 2 with

I hope someone understands what I wrote and can help me out please.

Ubuntu 18.04 / ngingx 1.14 latest webmin (root/home/swap) all domains are isp reg. domains. Error code: SSL_ERROR_BAD_CERT_DOMAIN

Thu, 09/19/2019 - 15:56

When setting up a webserver, your hostname is important. From what you are saying, your hostname is currently set as

So when you log into webmin it's via

This is problematic.

Your hostname should be setup something like

Then webmin login would be

In terms of the ssl certificate changing, it may be that you have got the configuration such that your server is using the ssl for webmin (there is a link enabling this under SSL).

Enabling that "use for webmin" for SSL in your case would be one way to cause this error.

AJECreative is the home of $5 webhosting, $15/month VPS servers (1cpu,1gb RAM, 25GB storage)
Centos7, Debian9, or Ubuntu18LTS
Available Control Panels = Centos-Webpanel, Cyberpanel, or Virtualmin

Fri, 09/20/2019 - 11:41

Dear, I did change host to that did break my network connection and netplan wont apply at all right now. About webmin ssl config panel, there was nothing modified or copied to webmin out from a virtual server.


Network connection established, i had to clean lo.yaml file that cause connection problems after I changed hostname.. I have no ide why!

Hostname changed to

I did remove certs from letsencrypt by command line to avoid more complications and try to renew certifications with using webmins letsencrypt function. is now a subdomain and I try to renew it but im lost with error:

Failed authorization procedure. (http-01): urn:ietf:params:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from [MY IP ADDRESS]: "\r\n404 Not Found\r\n\r\n

404 Not Found



Apache - Ubuntu 20.04

Fri, 09/20/2019 - 15:40

I don't use I don't know about that.

The ssl cert is for your virtual servers not

Are you trying to get ssl for I don't worry about that, the only person accessing virtualmin dashboard via is can use the self signed certificate for that for the time being (virtualmin already sets this up when you first install it (ie your first access is via url "https"...))

Setting up SSL for the server itself is a little more complicated than for virtual servers (ie domains/websites) on said server.

It's only the Virtual servers on it that then need to apply for their own certificates to avoid users seeing the security warnings in their web browsers typically found with self signed they should be the only domains you input to let's encrypt (don't add for certificate applications for any of your virtual servers (hosted domains/websites) or you will get an error for sure.)

I also worry about your having used command line to delete things. You are using a control panel, you really shouldn't use command line unless 100% you know that what you are doing is following a procedure that Virtualmin understands. Once you start messing with default install, things can quickly stuff your virtualmin be careful. Follow Virtualmin documentation always.

This really should just work on a brand new virtualmin install without any problems. All i ever have to do is install virtualmin, add a virtual server, using domain2 registrar dns point A record at server ipaddress, wait for propogation , go into SSL and apply for letsencrypt certificate for domain2 and it just works (every time). I have not once ever had to worry about SSL...even when applying for SSL for (if I also want a virtualserver/website on, it just works without any problems

AJECreative is the home of $5 webhosting, $15/month VPS servers (1cpu,1gb RAM, 25GB storage)
Centos7, Debian9, or Ubuntu18LTS
Available Control Panels = Centos-Webpanel, Cyberpanel, or Virtualmin

Sat, 09/21/2019 - 14:15

Dear, Thank you for your time you spend on this forum to make NOBS like me a bit more smarter! What you wrote has sense and I did spend some more hours to set up a new machine by following your suggestions.

And yes, it works just as it should, without any errors all the way through, its like an sensation!

What I did:

Firstly i set up my hostname used in ubuntu as subdomain -> to my ip

Installation: Ubuntu 18.04, Nginx and certbot, Webmin and Virtualmin and all the small adds i just need like (Ondřej Surý Repo) for multiple php versions..

Ubuntu network installation with an static local ip address (

I did not touch certbot to secure my servers subdomain jet I just add certbot to the server and run the installation.

As soon everything was installed and ready to touch, I did the postfix setup that just worked like a charm! By using

I created an virtual server for and run letsencypt that works fine without any problems.

Modifications: I had to add to ProFTPd (proftpd.conf) this line: TLSOptions NoSessionReuseRequired to list files and avoid connection issues like: Failed to retrieve directory listing

Since virtualmin don’t redirect http to https like it should do with nginx as webserver installed, I needed to add a small snippet to my server block for

server {
        rewrite ^/(.*)$1 permanent;

Conclusion: stays as is self signed for my backend (webmin) and and got an letsencrypt cert.

Apache - Ubuntu 20.04

Topic locked