Virtualmin, unable to secure domain


#1

Hi There,

Operating system CentOS Linux 7.3.1611
Webmin version 1.831
Virtualmin version 5.07

I have one virtual host on the server. I am unable to get the Let’s Encrypt Certificate to work on the domain, however I was able to copy it to both Webmin and Usermin and it did secure those domain entry points with a valid certificate.

I’m not sure what I have done wrong as it seems like, at least from my understanding, the feature should just work with very little intervention.

SSL error I am getting is as follows:

Certificate Error
There are issues with the site’s certificate chain (net::ERR_CERT_AUTHORITY_INVALID).

Any help would be greatly appreciated.

Please see screenies below, maybe someone can see something obvious I am missing.

A directory called .well-known exists in public_html, that this contains an empty directory called acme-challenge.

If any further info is required to assist in troubleshooting, please let me know.


#2

I can only add one image per post sorry


#3

and finally…


#4

Well, the good news is your Let’s Encrypt certificate is successfully used by:

  • Postfix,
  • Usermin,
  • Webmin and
  • Dovecot.

I tested with openssl s_client (Postfix on port 25 with -starttls smtp, Dovecot on port 143 with -starttls imap and Usermin/Webmin on their default ports.

This is exactly the same as the sentence “This SSL certificate is already being used by” in your first screenshot…

Why it isn’t used in your Apache? Beats me, I don’t have any knowledge of Webmin to be honest…


#5

Yes, I am a bit lost as to why it isn’t being picked up by apache.
It seems that the certificate being served up is a self signed one, not the one brought down from Let’s Encrypt and this is the reason I think I am getting the certificate error…It must be an issue with the virtualmin lets encrypt modules interaction with apache.
So I have a bit to investigate…having said that any pointers would be awesome as I am by no means an expert in any of this!


#6

So I managed to get this resolved: followed the instructions here
Hopefully this may help someone else.


#7

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.