| SYSTEM INFORMATION | |
|---|---|
| OS type and version | Ubuntu 24.04.1 LTS |
| Virtualmin version | 7.20.2 |
Hi
I have some problems with my webmail.domain and admin.domain
I use an external DNS provider, and my A-Rcords look like this…
But if I go to webmail.futurenode.dk and admin.futurenode.dk
It just goes to https://www.futurenode.dk!
Regards
Thomas - Futurenode.dk
What happenes when you visit https://futurenode.dk:20000 instead of webmail.futurenode.dk
Me I get ssl certificate error.
So maybe he could try first to ask the certificate for webmail.futurenode.dk, admin.futurenode.dk too. Considering the current certificate didn’t have been created for these address.
Feel free to ask a new certificate each time you restore a Backup.
Open the debug tab in your browser and examine the request and response you might see some redirects happening.
Have you checked with a DNS propagation tester that the correct IP is set for your sub domains
Also, empty browser cache and restart browser
Hi,
Thanks for trying to help me.
My hosting panel is located at https://skytower.futurehost.dk:20000/ and this page works fine.
I get an SSL error if I use: https://futurenode.dk:10000 / 20000!
If i go to webmail.futurenode.dk or admin.futurenode.dk, it just redirects to my domain: https://www.futurenode.dk
If I use a port number like 10000 / 20000 it gets me a ssl error!
So the problem is if I go to admin / webmail my domain! in this case webmail.futurenode.dk and use a port number it give me a ssl error.
I have created an SSL for my site but I still have the same SSL error:
Checking hostnames for resolvability ..
Requesting a certificate for futurenode.dk, www.futurenode.dk, admin.futurenode.dk, webmail.futurenode.dk, autoconfig.futurenode.dk, autodiscover.futurenode.dk from Let's Encrypt ..
.. request was successful!
Configuring webserver to use new certificate and key ..
.. done
Applying webserver configuration ..
.. done
I don’t know how to debug…
DNS are correct.
Regards
Thomas
If this is happening something is issuing the commands from your website, such as a htaccess file, a wordpress installation…
My findings
Raw details below
HTTP/2 301
strict-transport-security: max-age=63072000; includeSubDomains;preload
x-xss-protection: 0
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
permissions-policy: accelerometer=(self), autoplay=(self), camera=(self), encrypted-media=(self), fullscreen=(*), geolocation=(self), microphone=(self), midi=(self), payment=(self), display-capture=(self)
x-frame-options: SAMEORIGIN
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: same-origin
content-security-policy: img-src 'self' data: https://img.geocaching.com https://cdn.futurenode.dk https://i.ytimg.com https://updates.theme-fusion.com https://img.onesignal.com https://media.onesignal.com https://wp-rocket.me https://t0.gstatic.com https://t.paypal.com https://lh3.googleusercontent.com https://www.paypalobjects.com https://c.paypal.com https://image.thum.io http://pbs.twimg.com https://graph.facebook.com https://www.fs-poster.com https://scontent-fra5-1.xx.fbcdn.net https://cdn.discordapp.com https://imgsct.cookiebot.com https://www.googletagmanager.com https://avada.studio blob: https://www.gravatar.com https://cdn-cookieyes.com https://really-simple-ssl.com https://scontent-cdg4-3.xx.fbcdn.net https://secure.gravatar.com https://ts.w.org https://s.w.org https://ps.w.org ; default-src 'self'; script-src 'self' 'unsafe-inline' https://js.stripe.com https://www.paypal.com https://www.google.com https://www.gstatic.com https://www.youtube.com https://cdn.futurenode.dk https://cdn.onesignal.com https://onesignal.com data: https://cdn.mxpnl.com https://beacon-v2.helpscout.net https://fast.wistia.com https://secure.polldaddy.com https://connect.facebook.net https://cdn.jsdelivr.net https://ajax.googleapis.com https://platform.twitter.com https://maps.googleapis.com https://widget.docsbot.ai https://app.satismeter.com https://www.googletagmanager.com https://www.paypalobjects.com https://cdnjs.cloudflare.com https://cdn-cookieyes.com https://consent.cookiebot.com https://consentcdn.cookiebot.com 'unsafe-eval'; script-src-elem 'self' 'unsafe-inline' https://js.stripe.com https://www.paypal.com https://www.google.com https://www.gstatic.com https://www.youtube.com https://cdn.futurenode.dk https://cdn.onesignal.com https://onesignal.com data: https://cdn.mxpnl.com https://beacon-v2.helpscout.net https://fast.wistia.com https://secure.polldaddy.com https://connect.facebook.net https://cdn.jsdelivr.net https://ajax.googleapis.com https://platform.twitter.com https://maps.googleapis.com https://widget.docsbot.ai https://app.satismeter.com https://www.googletagmanager.com https://www.paypalobjects.com https://cdnjs.cloudflare.com https://cdn-cookieyes.com https://consent.cookiebot.com https://consentcdn.cookiebot.com ; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://cdn.futurenode.dk https://onesignal.com https://code.jquery.com https://www.gstatic.com https://cdnjs.cloudflare.com https://fonts.bunny.net ; style-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com https://cdn.futurenode.dk https://onesignal.com https://code.jquery.com https://www.gstatic.com https://cdnjs.cloudflare.com https://fonts.bunny.net ; font-src 'self' https://fonts.gstatic.com https://cdn.futurenode.dk https://s0.wp.com https://cdnjs.cloudflare.com https://fonts.bunny.net data:; frame-src 'self' https://js.stripe.com https://www.google.com https://www.youtube.com https://wp.freemius.com https://wp-rocket.me https://www.youtube-nocookie.com https://assets.braintreegateway.com https://avada.studio https://platform.twitter.com https://consentcdn.cookiebot.com https://api.wp-rocket.me blob:; connect-src 'self' https://fonts.googleapis.com https://www.paypal.com https://www.futurenode.dk https://onesignal.com https://d3hb14vkzrxvla.cloudfront.net https://api-js.mixpanel.com https://bunnycdn.com https://pipedream.wistia.com https://fast.wistia.com https://cdn.futurenode.dk https://maps.googleapis.com https://docsbot.ai https://app.satismeter.com https://www.google-analytics.com https://cdn.ampproject.org https://rankmath.com https://consent.cookiebot.com https://log.cookieyes.com https://directory.cookieyes.com https://cdn-cookieyes.com https://api.github.com https://consentcdn.cookiebot.com; worker-src 'self' blob:; frame-ancestors 'self' ; upgrade-insecure-requests;
x-redirect-by: WordPress
location: https://www.futurenode.dk/
content-length: 0
content-type: text/html; charset=UTF-8
date: Sat, 28 Sep 2024 12:47:26 GMT
server: Apache
X-Firefox-Spdy: h2
Hi
I will try to find the problem, and I will be back!
thanks for thee help so far
// Thomas
Hi again
I have tried to add a new domain - called https://www.team-halfdaner.dk/
http://webmail.team-halfdaner.dk:20000
http://admin.team-halfdaner.dk:10000
It works okay if i use HTTP, but if use HTTPS it just goes to my page: https://www.team-halfdaner.dk
What can the problem be?
The info above shows the https has all of that extra garbage and a location redirection header.
Interesting that the http is unaffected.
Why have produced a virtual server with the prefix webmail ? Normally virtualmin will create this alias so if you navigate to webmail.domain.tld it will redirect to domain.tld:20000 there is no need to create that domain
Hi.
Thanks for the reply.
The only thing I have made is:
https://www.team-halfdaner.dk is not behind a Proxy or CDN
https://www.futurenode.dk running with a CDN
Thanks
Thanks for your reply.
The problem is it does not redirect.
Fix that rather than making new domains, that will make it more confusing
OK… Understand…
I have removed team-halfdaner.dk agian
What is the domain you use the screen shot shows you are redirecting to another domain and not the domain you create is there a reason for this ?
Hi,
“skytower.futurehost.dk” is the domain where the Virtualmin is installed.
Thats the hostname not a domain name switch it back to domain and not custom. Each domain will do it’s own redirects to virtualmin and webmin. You have over written this ability by using the hostname. If you have created a domain called
skytower.futurehost.dk
Remove it as it will cause issues with email
Hi…
I found a solution - I removed the admin.domain / webmail.domain - I did not need it.
Thanks for your time and help.
Really sorry (no harm) but what did you fixe ?
When I go on skytower.futurehost.dk I still get certificate that is not valid for skytower.futurehost.dk. The certificate is only valid for the following names: autoconfig.futurehost.dk, autodiscover.futurehost.dk, futurehost.dk, mail.futurehost.dk, www.futurehost.dk
And when I go on admin.futurehost.dk and webmail.futurehost.dk. I get We’re having trouble finding that site.
Please do not say it’s solved if the problem remain because any newcomer will do it thinking it will fix its problem while it will not.
Then what you did may have “fixed” it but it seems the main threat are probably the redirections which are incorectly setup (as shoulders said).
Because even skytower.futurehost.dk still redirect to futurehost.dk and not Webmin. Which is normal considering you setup "skytower.futurehost.dk :10000 " and not “skytower.futurehost.dk” to redirect to webmin in the picture you previously shown. Still no ssl error should happen (Its mainly a note for newcomer who would fall on this topic).
According to me you should have skytower.futurehost.dk to redirect to futurehost.dk:10000 and skytowermail.futurehost.dk (or what you want) to redirect to futurehost.dk:20000.
But create a local hostname to then add the port at the end is not the way I would take.
Hi
Thanks for the reply.
I’m really appreciate your time
Sorry for being a big noob. I’m new to Linux.
I have tried to add a certificate for “skytower.futurehost.dk” and it seems there are no SSL errors.
Skytower.futurehost.dk redirects to www.futurenode.dk, which is my main page. - So it’s okay
futurehost.dk also redirects to www.futurenode.dk
I have a test domain called futurenode.org!
BUT:
So it seems to work! But only for “HTTP” and NOT “HTTPS”
Thanks for your help.
Regards
Thomas