ACME challenge failing

SYSTEM INFORMATION
OS type and version: Ubuntu 24.04 LTS
Webmin version: 2.610
Virtualmin version: 7.50.2 GPL
Webserver version: Nginx 1.24

My home server is set up with Virtualmin and a LEMP stack.

I am trying to create a proxy v-server for Webmin using admin.example.com.

My DNS for IPv4 and IPv6 is pointed towards my home server. However, right now only IPv6 is working. Let's Encrypt is connecting over IPv6 but getting an invalid host error.

What could be wrong? Below is the Nginx v-server config and the error.

Thanks in advance.

Saving debug log to /var/log/letsencrypt/letsencrypt.log
Requesting a certificate for admin.example.com

Certbot failed to authenticate some domains (authenticator: webroot). The Certificate Authority reported these problems:
Domain: admin.example.com
Type: connection
Detail: 2604:3d08:3378:5b50::d169: Fetching https://admin.example.com.well-known/acme-challenge/MctBNquF9b54nIRsx-UclAjxGyLtqFmAJ-NFlPQ0aWE: Invalid host in redirect target “admin.example.com.well-known”. Check webserver config for missing ‘/’ in redirect target.

Hint: The Certificate Authority failed to download the temporary challenge files created by Certbot. Ensure that the listed domains serve their content from the provided --webroot-path/-w and that files created there can be downloaded from the internet.

All challenges have failed.
Ask for help or search for solutions at https://community.letsencrypt.org. See the logfile /var/log/letsencrypt/letsencrypt.log or re-run Certbot with -v for more details.

server {
	listen 80 default_server;
	listen [::]:80 default_server;

	server_name admin.example.com;
	root /home/example/domains/admin.example.com/public_html;

	# ACME-challenge
	location ^~ /.well-known/acme-challenge/ {
		root /home/example/domains/admin.example.com/public_html;
	}

	# Force https redirect
	location / {
		return 301 https://$host$request_uri;
	}
}

server {
	listen 443 ssl http2 default_server;
	listen [::]:443 ssl http2 default_server;

	server_name admin.example.com;
	root /home/example/domains/admin.example.com/public_html;

	# ACME-challenge
	location ^~ /.well-known/acme-challenge/ {
		root /home/example/domains/admin.example.com/public_html;
	}

	ssl_certificate /etc/ssl/virtualmin/17664466542575782/ssl.cert;
	ssl_certificate_key /etc/ssl/virtualmin/17664466542575782/ssl.key;
	access_log /var/log/virtualmin/admin.example.com_access_log;
	error_log /var/log/virtualmin/admin.example.com_error_log;

	location /RequestDenied {
		return 418;
	}

	location / {
		proxy_pass https://127.0.0.1:10000;

		##
		# Proxy Settings
		##
		proxy_redirect off;
		proxy_set_header Host $host:$server_port;
		proxy_set_header X-Real-IP $remote_addr;
		proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
		proxy_max_temp_file_size 0;
		proxy_connect_timeout 90;
		proxy_send_timeout 90;
		proxy_read_timeout 90;
		proxy_buffer_size 128k;
		proxy_buffers 32 32k;
		proxy_busy_buffers_size 256k;
		proxy_temp_file_write_size 256k;

		# Fixes initial redirect after login
		# proxy_redirect https://$host:10000/ https://$http_host/;
	}
}

Hello,

You can check whether the ACME challenge path is being served correctly without running Let’s Encrypt yet.

First create a test file:

sudo mkdir -p /home/example/domains/admin.example.com/public_html/.well-known/acme-challenge
echo OK | sudo tee /home/example/domains/admin.example.com/public_html/.well-known/acme-challenge/test

Then test from the command line:

curl -IL http://admin.example.com/.well-known/acme-challenge/test

What you want to see is no redirect for that URL (i.e. a 200 OK, with no redirect).

And, make sure to test it (curl command above) on your home computer and your server to see if you get different results.

In essence, if it redirects to something like https://admin.example.com.well-known/... (missing the / after the domain), that means a rewrite/redirect rule is dropping the slash, and it’s coming from a different server block or an included/global Nginx snippet than the one you’re looking at.

To locate it, dump the active Nginx config and search for redirects/rewrite rules:

sudo nginx -T | grep -nE 'server_name admin\.example\.com|rewrite .*https://|return 301|default_server|include '

Also, if you use a CDN/reverse proxy (e.g. Cloudflare proxy), it can apply redirects before the request reaches your server.
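As an added example that is not part of this thread, here is a small POSIX shell script that performs the check described in the reply above (create the test file, fetch it with curl over IPv4 and IPv6 separately, and decide whether the response is one the CA could actually use) without running Certbot. The hostname, webroot and the token name "test" are taken from the thread; the function names and the verdict wording are this example's own.

```shell
#!/bin/sh
# Added example, not from the original thread: run the reply's check as a script.
# Assumed values (taken from the thread): the hostname, the Virtualmin webroot
# and a test token named "test". Function names are this example's own.
HOST="admin.example.com"
WEBROOT="/home/example/domains/admin.example.com/public_html"
TOKEN="test"

# Decide whether one probe result would let the CA fetch the challenge file.
# $1 = HTTP status of the first response, $2 = its redirect target ("" if none),
# $3 = the hostname being validated. Prints a verdict; returns 0 only if usable.
classify_acme_probe() {
    status="$1"; redirect="$2"; host="$3"
    if [ "$status" = "200" ] && [ -z "$redirect" ]; then
        echo "ok: served directly with 200, no redirect"
        return 0
    fi
    case "$redirect" in
        "https://$host/.well-known/acme-challenge/"*)
            # Let's Encrypt follows a same-host redirect to HTTPS, but the 443
            # server block must then serve the same webroot for that path.
            echo "warn: redirected to HTTPS ($redirect); the 443 block must serve the same webroot"
            return 0 ;;
        "https://$host.well-known/"*|"http://$host.well-known/"*)
            # Exactly the failure shown in the Certbot output above.
            echo "bad: redirect target '$redirect' is missing the '/' after the hostname"
            return 1 ;;
        "")
            echo "bad: HTTP $status and no Location header"
            return 1 ;;
        *)
            echo "bad: unexpected redirect to '$redirect'"
            return 1 ;;
    esac
}

# Create the test file, then probe it over IPv4 and IPv6 separately, since the
# thread reports the two address families behaving differently. curl -w prints
# the status of the first response and the Location it carries, if any.
probe_acme_path() {
    host="$1"; webroot="$2"; token="$3"
    sudo mkdir -p "$webroot/.well-known/acme-challenge"
    echo OK | sudo tee "$webroot/.well-known/acme-challenge/$token" >/dev/null
    rc=0
    for fam in -4 -6; do
        out=$(curl "$fam" -s -o /dev/null -w '%{http_code} %{redirect_url}' \
            "http://$host/.well-known/acme-challenge/$token")
        printf '%s: ' "$fam"
        classify_acme_probe "${out%% *}" "${out#* }" "$host" || rc=1
    done
    return "$rc"
}

# Run the live probe only when invoked as: sh acme-probe.sh --run
if [ "${1:-}" = "--run" ]; then
    probe_acme_path "$HOST" "$WEBROOT" "$TOKEN"
fi
```

Run it once from the server and once from a machine outside your network, as the reply suggests; a "bad" verdict on one address family but not the other points at DNS or firewall rather than the Nginx config, while the missing-slash verdict on either family means a redirect rule is the culprit and the `nginx -T` grep above is the next step.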

Thanks a lot for the reply.

My bad, I did not restart the server after installing Virtualmin. Once I completed the restart it seemed to work fine.

Thanks again