Installing error

Error registering: Account creation on ACMEv1 is disabled. Please upgrade your ACME client to a version that supports ACMEv2 / RFC 8555

I am using Webmin and can not install a certificate, please, what to do?

Hi @DenisL

please read

We will be beginning brown-outs for new ACME v1 registrations for the production environment for the following dates of this year:

  • October 10th to October 11th
  • October 16th to October 18th
  • October 31st onward

We will be permanently disabling new ACME v1 registrations in the production environment on October 31st .

So you can wait one day. But you should update your client. In three months, new registrations aren't possible.

1 Like

I will give you some Webmin specific advice, so you can hopefully proceed with your certificate request.

Basically, the bundled Let’s Encrypt client that comes with Webmin (acme-tiny), does not support the current version of the Let’s Encrypt API. Webmin dropped the ball and haven’t updated it.

However, there is a workaround. Webmin’s interface will use Certbot instead of acme-tiny, if you have Certbot installed and a Let’s Encrypt account registered.

First thing you need to do is visit and install Certbot according to suggested instructions for your operating system. Note: Select “None of the Above” for Server Software in the dropdown.

Once that’s installed, you need to run:

certbot register

At this point, you can try again to issue a certificate in the Webmin interface - it will use Certbot and hopefully succeed.

1 Like

This is new one server and installed webmin on it. So I will create new reg, or it is already when I install webmin on it? I am little bit confused, and just wanted to install ssl cetrificate

The latest version of Webmin comes with an outdated Let’s Encrypt client.

You need to install Certbot and perform the registration as I suggested.

Then Webmin’s SSL interface will work in the way you expect.

1 Like

I started install it and get this error:

[root@ ~]# sudo /usr/local/bin/certbot-auto certonly --standalone
Bootstrapping dependencies for Debian-based OSes… (you can skip this with --no-bootstrap)
Get:1 xenial InRelease [247 kB]
Hit:2 xenial-updates InRelease
Hit:3 xenial-backports InRelease
Hit:4 xenial InRelease
Get:5 xenial-security InRelease [109 kB]
Hit:6 xenial InRelease
Hit:7 virtualmin-xenial InRelease
Hit:8 virtualmin-universal InRelease
Fetched 356 kB in 0s (463 kB/s)
Reading package lists…
Reading package lists…
Building dependency tree…
Reading state information…
gcc is already the newest version (4:5.3.1-1ubuntu1).
gcc set to manually installed.
ca-certificates is already the newest version (20170717~16.04.2).
openssl is already the newest version (1.0.2g-1ubuntu4.15).
python is already the newest version (2.7.12-1~16.04).
python set to manually installed.
The following additional packages will be installed:
libexpat1-dev libpython-dev libpython2.7 libpython2.7-dev python-pip-whl
python-pkg-resources python2.7-dev python3-virtualenv zlib1g-dev
Suggested packages:
augeas-doc augeas-tools python-setuptools
Recommended packages:
The following NEW packages will be installed:
augeas-lenses libaugeas0 libexpat1-dev libffi-dev libpython-dev libpython2.7
libpython2.7-dev libssl-dev python-dev python-pip-whl python-pkg-resources
python-virtualenv python2.7-dev python3-virtualenv virtualenv zlib1g-dev
0 upgraded, 16 newly installed, 0 to remove and 0 not upgraded.
Need to get 32.7 MB of archives.
After this operation, 57.8 MB of additional disk space will be used.
Do you want to continue? [Y/n] Abort.

So, it self abort it, I have no chance to put Y or N

If you are using Ubuntu Xenial, then your installation instructions are here:

You shouldn’t be using certbot-auto in that case.

Once it is installed, you don’t need to run --standalone, just certbot register.

[root@ ~]# certbot register sh: 1: certbot: not found

Did you run apt-get install certbot , from the instructions?

Did it succeed?

Yes, it stop it again

Do you want to continue? [Y/n] Abort.

That sounds like a problem with your SSH client. Are you using an HTML5 console, by any chance?

Anyway, I think you can work around this “Abort” problem by adding a -y, as in:

apt-get -y install certbot

Yea,,, thanks!! Now it works, and how to register it now?


You can register using:

certbot register --email --agree-tos

If that succeeds, try issue your certificate using Webmin user interface again.

Saving debug log to /var/log/letsencrypt/letsencrypt.log
Skipped user interaction because Certbot doesn’t appear to be running in a terminal. You should probably include --non-interactive or --force-interactive on the command line.

  • Your account credentials have been saved in your Certbot
    configuration directory at /etc/letsencrypt. You should make a
    secure backup of this folder now. This configuration directory will
    also contain certificates and private keys obtained by Certbot so
    making regular backups of this folder is ideal.

Looks good to me. That should be the only thing you need to do.

Try Webmin again.

Ahhh, still not registred/installed

What does Webmin say?

DNS-based validation failed : Neither DNS zone mydomain or any of its sub-domains exist on this system


That’s not a Let’s Encrypt error. That’s a Webmin error explaining that it doesn’t host the DNS for mydomain, so it can’t perform DNS validation for it.

If you know what directory mydomain is served from, you can choose the “webroot” option on that user interface, and specify the directory.

Copying certificate and key to Dovecot files ..
.. wrote out certificate in /dovecot.cert.pem and key in /dovecot.key.pem

Enabling SSL in Dovecot configuration ..
.. done

When I get back it shows still as showed in image below: