Unable to get Webmin an SSL certificate assigned

My domain is: latenitehost.com

I ran this command: Webmin Configuration > SSL Encryption, and followed the instructions found here https://www.hostfav.com/blog/index.php/2017/07/26/add-lets-encrypt-certificate-to-webmin/

It produced this output:

Requesting a new certificate for latenitehost.com, using the website directory /var/www/html/ …
… request failed :

Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator webroot, Installer None
Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org
Obtaining a new certificate
Performing the following challenges:
http-01 challenge for latenitehost.com
Using the webroot path /var/www/html for all unmatched domains.
Waiting for verification…
Challenge failed for domain latenitehost.com
http-01 challenge for latenitehost.com
Cleaning up challenges
Some challenges have failed.
IMPORTANT NOTES:


My web server is (include version): CentOS 7 64-bit running Apache 2.4.6

The operating system my web server runs on is (include version): CEntOS Linux 7 with kernel Linux 2.6.32-042stabl33.1

My hosting provider, if applicable, is: Warpline

I can login to a root shell on my machine (yes or no, or I don’t know): Yes

I’m using a control panel to manage my site (no, or provide the name and version of the control panel): Using Webmin and Virtualmin latest

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot): 1.0.0

I should add more about what I’m trying to do for context. I want to have a default landing page at /var/www/html/ that has links to the rest of my sites in the /home/ directory, and I want to have SSL on this domain as well as the others.

Let’s Encrypt worked fine adding SSL to all of the other domains which are housed in /home/, but I also want to have SSL on the public-facing Webmin site, too.

Hi @latenitehost

if you use webroot and if that doesn’t work, your webroot may be wrong.

Or there are additional definitions that block.

Checking your domain - https://check-your-website.server-daten.de/?q=latenitehost.com

There are redirects http -> https://latenitebooks.com/ to another domain.

But /.well-known/acme-challenge/random-filename isn’t redirected.

Looks like you have an additional definition to exclude /.well-known.

So check these definitions to find your real webroot.

1 Like

Where would I check such for definitions?

Looking in apache’s configuration files, the DocumentRoot is set as “/var/www/html”. Inside this directory is an index.html file that says “Hello”, but it’s not being served because it is being redirected to another domain.

Here is the virtual host entry for latenitebooks.com:

<VirtualHost *:80>
SuexecUserGroup "#1000" "#1000"
ServerName latenitebooks.com
ServerAlias www.latenitebooks.com
ServerAlias mail.latenitebooks.com
ServerAlias webmail.latenitebooks.com
ServerAlias admin.latenitebooks.com
DocumentRoot /home/latenitebooks/public_html
ErrorLog /var/log/virtualmin/latenitebooks.com_error_log
CustomLog /var/log/virtualmin/latenitebooks.com_access_log combined
ScriptAlias /cgi-bin/ /home/latenitebooks/cgi-bin/
ScriptAlias /awstats/ /home/latenitebooks/cgi-bin/
DirectoryIndex index.html index.htm index.php index.php4 index.php5
<Directory /home/latenitebooks/public_html>
Options -Indexes +IncludesNOEXEC +SymLinksIfOwnerMatch +ExecCGI
allow from all
AllowOverride All Options=ExecCGI,Includes,IncludesNOEXEC,Indexes,MultiViews,SymLinksIfOwnerMatch
Require all granted
AddType application/x-httpd-php .php
AddHandler fcgid-script .php
AddHandler fcgid-script .php5
AddHandler fcgid-script .php7.2
FCGIWrapper /home/latenitebooks/fcgi-bin/php7.2.fcgi .php
FCGIWrapper /home/latenitebooks/fcgi-bin/php5.fcgi .php5
FCGIWrapper /home/latenitebooks/fcgi-bin/php7.2.fcgi .php7.2
</Directory>
<Directory /home/latenitebooks/cgi-bin>
allow from all
AllowOverride All Options=ExecCGI,Includes,IncludesNOEXEC,Indexes,MultiViews,SymLinksIfOwnerMatch
Require all granted
</Directory>
RewriteEngine on
RewriteCond %{HTTP_HOST} =webmail.latenitebooks.com
RewriteRule ^(.*) https://latenitebooks.com:20000/ [R]
RewriteCond %{HTTP_HOST} =admin.latenitebooks.com
RewriteRule ^(.*) https://latenitebooks.com:10000/ [R]
RemoveHandler .php
RemoveHandler .php5
RemoveHandler .php7.2
php_admin_value engine Off
FcgidMaxRequestLen 1073741824
<Files awstats.pl>
AuthName "latenitebooks.com statistics"
AuthType Basic
AuthUserFile /home/latenitebooks/.awstats-htpasswd
require valid-user
</Files>
Alias /dav /home/latenitebooks/public_html
<Location /dav>
DAV on
AuthType Basic
AuthName "latenitebooks.com"
AuthUserFile /home/latenitebooks/etc/dav.digest.passwd
Require valid-user
ForceType text/plain
Satisfy All
RemoveHandler .php
RemoveHandler .php5
RemoveHandler .php7.2
RewriteEngine off
</Location>
RedirectMatch ^/(?!.well-known)(.*)$ https://latenitebooks.com/$1
</VirtualHost>

And then there are several other domains setup the same way. latenitehost.com is not in the list of virtual hosts, but I would not expect it to appear there since it is the webroot.

I don’t use Webmin. But you have such a redirect and you have to remove it. May be there is no explicit vHost, so the wrong vHost is used.

But using Webmin + editing the raw config files may not work -> use only Webmin.

Thank you. The redirect was located and resolved.

2 Likes