Submitted by sonoracomm on Fri, 01/22/2021 - 09:27 Pro Licensee
We have a spam filter server (MailCleaner) that we use to provide optional spam filtering to clients. The same issues applies to using any spam filter service that uses MX routing to route a domain's mail through a filter. That's pretty much all of them...
In Virtualmin, when you attempt to obtain a letsencrypt SSL certificate for a domain, it will fail:
Validating configuration for heritageadvisorycorp.com .. .. errors were found, which will prevent Let's Encrypt from issuing a certificate : BIND DNS domain : This domain has email enabled, but none of the MX records mc.virtualarchitects.com mc2.virtualarchitects.com point to it. Either the MX records should be corrected, or the email feature disabled if mail is hosted externally.
Further, there appears to be no way to work around this problem, short of rerouting the domain's mail directly to the Virtualmin server.
Am I missing a setting somewhere?
Thanks in advance,
Thanks for contacting us.
Yes, you can Skip tests for Check connectivity first option set on SSL Certificate > Let's Encrypt page.
Submitted by sonoracomm on Fri, 01/22/2021 - 10:24 Pro Licensee Comment #2
I tried that and it didn't work. I just tried it on another domain and it did work!
I think I had two issues, as I was also trying to obtain a wildcard certificate. In the mean time, I implemented the fix in this post for the dns-01 issue with a DNS slave: