| SYSTEM INFORMATION | |
|---|---|
| OS type and version | Debian Linux 13 |
| Webmin version | 2.630 |
| Usermin version | 2.530 |
| Virtualmin version | 8.1.0 Professional |
| Theme version | 26.30 |
| Apache version | 2.4.66 |
| Package updates | All installed packages are up to date |
Virtualmin / Webmin is automatically creating wildcard host mappings such as *.example.com in the generated SSL config for Dovecot, Webmin and Usermin.
In my case this is too broad and causes conflicts with more specific subdomains that have their own certificates. It would make more sense to generate only the exact hostnames that are actually needed, for example:
example.commail.example.comwebmail.example.com(if enabled)
On many systems this may go unnoticed because it does not immediately cause a visible problem. However, once sibling subdomains use separate certificates, the wildcard mapping can interfere with correct certificate selection.
Removing the *.example.com entry and replacing it with an explicit mail.example.com entry fixes the issue, but those manual changes are lost when Virtualmin regenerates the configuration upon certificate renewal.
I would suggest not generating wildcard mappings automatically, or at least making this behaviour optional.


