Have you ever setup virtualmin, having more than 1 virtual server share the same IP but each requests a separated Let’s Encrypt certificate? I can confirm that I have done that on several servers before just fine. However, today on my new server which updated the latest webmin version I got this issue:
_ domain1.com is running https normally with LE certificate
_ I migrate a domain2.com from Cpanel to Virtualmin and request LE certificate for this domain
_ If I visit domain2.com, I get error “SSL certificate mistmatch” because the certificate shown to browser is registered for domain1.com
_ I tried to turn off SSL option from Edit Virtual Server, restart apache and then enable SSL again, request let’s encrypt again. --> Problem solved on my computer but the other computer of my friend still see this mismatch SSL error.
Question: could it be cache issue? flush browser cache doesn’t solve this problem. Do you have suggestion where to check on server? Thanks.
Make sure you don’t have a default ssl site configured. You haven’t mentioned your distro/version, so I can’t be specific, but some distros ship with a default SSL site and it needs to be disabled. We do that in the installation process, but there are situations where it can be re-enabled.
If it’s a recently installed system, you could try running:
# virtualmin config-system --include Apache
Which will re-do the Apache configuration (the things it changes are unlikely to cause problems on an existing production system, but please test afterward to make sure your sites are working, etc.). That’s assuming this is an Apache system, rather than nginx, of course.
Certs can maybe be cached by browsers, but that’s not what’s happening here, I don’t think.
Thanks Joe. I think I found the problem. The reason for this kind of symptom is because 127.0.0.1 was somehow removed from /etc/resolv.conf file (I use Debian)
adding nameserver 127.0.0.1 and it is ok again.
I found this when run the check configuration wizard again and it throws this message: Virtualmin is configured to setup DNS zones, but this system is not setup to use itself as a DNS server
By the way, where can I find more information about all available commands like yours, please? “# virtualmin config-system --include Apache”
I try virtualmin list-commands but there is no virtualmin config-system in that ?
The config-system subcommand is only available on recently installed systems, for now (where “recent” means installed with version 6.0.x of the install script). I think we’re getting stabilized enough with VM6 installs to be comfortable rolling it out for everyone soon…so we’ll probably release a migration tool in the next week or two for people that want to have the config-system subcommand available.
But, if you have it, it will show up when you do “virtualmin list-commands” and you can get usage information from it with:
# virtualmin config-system --help
The individual plugins and bundles can be listed with the --list-plugins and --list-bundles flags. Plugins are the individual configuration modules (e.g Apache, ProFTPd, Postfix, etc.) while bundles are selections of plugins for specific installation types. Right now there are four bundles: LAMP, LEMP, MiniLAMP, and MiniLEMP (where LEMP indicates it has nginx and LAMP indicates it has Apache).
The config-system command is how post-installation configuration happens, and so its primary purpose is to set up a system for the first time, but in some cases it can also correct problems and can also be used to configure services that were not setup during installation (e.g. if you installed with --minimal but decided later you want to have SpamAssassin). The latter use case is still pretty untested…it’s not a thing we’re recommending, per se, but that flexibility was a big part of the goal of the total rewrite of the installer and post-install configuration process.