I think I have royally screwed something up. After fiddling with letsencrypt, doing it through certbot CLI, I managed to have my sites working properly with https.
I started seeing how confusing this started getting because letsencrypt uses a different directory to store the certs, virtualmin puts them somewhere and dovecot puts them somewhere etc., urgh
I do not recall doing any edits out of the ordinary but I’m sure I touched something. A couple of days later dovecot started complaining (I could not get mail) with error:
imap-login: Fatal: Couldn’t parse private ssl_key: error:0906D06C:PEM routines:PEM_read_bio:no start line: Expecting: ANY PRIVATE KEY
I was mobile that day and never even touched the server. So I started troubleshooting, I even tried under Manage SSL Certificates and Copy to Dovecot. This made things worse with error:
imap-login: Fatal: Can’t load private ssl_key: Key is for a different cert than ssl_cert
Now I could not even check email with roundcube and dovecot was not responding when trying to restart. I rebooted the server and now I cannot access virtualmin from my primary domain, getting error:
ERR_SSL_VERSION_OR_CIPHER_MISMATCH
I can access it from some other domains, but not all of them. several domains give the browser error above but other domains I can get in to virtualmin.
I don’t even know where to start anymore…
Can I just regenerate the ssl for virtualmin? I also wanted to do this for the dovecot self-signed certificates…