It seems I’ve gotten one step forward, as follows:
- remove old certbot
apt-get remove certbot
- add snapd
apt-get install snapd
- load new certbot
sudo snap install --classic certbot
- create a link where Virtualmin expects the file:
sudo ln -s /snap/bin/certbot /usr/bin/certbot
The steps are described here on the Certbot page.
This lets me run certbot without a fatal error, but it still doesn’t finish the validation. It outputs the following in the custom command I’ve created to simulate a certification in --dry-run:
Ausgabe von virtualmin generate-letsencrypt-cert --domain citra.shop --staging ..
Requesting SSL certificate for citra.shop www.citra.shop ..
.. failed : Web-based validation failed : Requesting a certificate for citra.shop and www.citra.shop
Certbot failed to authenticate some domains (authenticator: webroot). The Certificate Authority reported these problems:
Domain: citra.shop
Type: unauthorized
Detail: Invalid response from http://citra.shop/.well-known/acme-challenge/k7TAULIUjnLviFo72okPbgLJ1d5pKqObv4UrvaAEuBM [2001:4b99:1:253::9]: 404
Domain: www.citra.shop
Type: unauthorized
Detail: Invalid response from https://citra.co.za/.well-known/acme-challenge/AQ56EV_nymeR7cH0yWwITl0j2IgEZ97NRCodIqQ3QuM [2001:4b98:dc5:253::9]: 404
Hint: The Certificate Authority failed to download the temporary challenge files created by Certbot. Ensure that the listed domains serve their content from the provided --webroot-path/-w and that files created there can be downloaded from the internet.
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Some challenges have failed.
Ask for help or search for solutions at https://community.letsencrypt.org. See the logfile /var/log/letsencrypt/letsencrypt.log or re-run Certbot with -v for more details.
DNS-based validation failed : Requesting a certificate for citra.shop and www.citra.shop
Certbot failed to authenticate some domains (authenticator: manual). The Certificate Authority reported these problems:
Domain: citra.shop
Type: unauthorized
Detail: No TXT record found at _acme-challenge.citra.shop
Domain: www.citra.shop
Type: unauthorized
Detail: No TXT record found at _acme-challenge.www.citra.shop
Hint: The Certificate Authority failed to verify the DNS TXT records created by the --manual-auth-hook. Ensure that this hook is functioning correctly and that it waits a sufficient duration of time for DNS propagation. Refer to "certbot --help manual" and the Certbot User Guide.
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Some challenges have failed.
Ask for help or search for solutions at https://community.letsencrypt.org. See the logfile /var/log/letsencrypt/letsencrypt.log or re-run Certbot with -v for more details.
BTW:
Is there an implementation planned for a wildcard certificate, where certbot needs a DNS entry? See
I’m not familiar with Perl, but if I can, I would help to create such a plugin… there are still some for many other ISP software packages: Certbot Plugins