Create LE certificate fails

Randomz · April 17, 2024, 3:04pm

Thanks, that was the trick.

Along with the firewall and that one server had httpd running for no good reason that I recall - which tied up port 80.

Randomz · April 19, 2024, 9:28am

Would it also be possible for the certificate to include Usermin - port 20000 ?
Is there something I can do to fix that?

Randomz · April 19, 2024, 9:34am

I just copied the 3 LE lines from webmin miniserv to usermin miniserv. Working now.

Joe · April 19, 2024, 9:26pm

That’s the default behavior in Virtualmin. If you connect to Usermin with a name that matches a domain managed by Virtualmin that has a certificate, it’ll use that cert.

Randomz · April 19, 2024, 11:21pm

This is a Webmin only system, on which I also use Usermin.

stefan1959 · April 20, 2024, 2:51am

Is usermin using a FQDN that matches the certificates?

Randomz · April 20, 2024, 2:59am

Using domain.com:20000 whereas webmin uses domain.com:10000

It works, but you need to tell Usermin where to find the LE certificate once you have created it for Webmin.

My request is just to also add the lines to usermin miniserv if that file exists.

But it’s no problem to do it manually either.

stefan1959 · April 20, 2024, 7:07am

Didn’t think the port had anything to do with it.

jimr1 · April 20, 2024, 7:14am

It appears to on a webmin only system the fix is to add the ssl to the usermin config as stated earlier

rony · May 11, 2024, 6:57pm

I permanently install mini-httpd on every “only webmin” servers. And domain validation working corectly with certbot with FQDN name on that server.

Joe · May 11, 2024, 7:53pm

You don’t need an extra web server. certbot has a standalone mode that handles the validation (but only if something isn’t already listening on port 80). Webmin recently got the ability to use that mode.

rony · May 12, 2024, 2:12pm

But on cloudmin installation I not have certbot installed. Only acme-tiny from webmin. And this support standalone mode? Because this wants use /var/www/html too.

Joe · May 12, 2024, 7:19pm

No, acme-tiny does not. You should install certbot. acme-tiny was only ever intended to fill the gap when certbot isn’t available, but if you have certbot in OS repos and you’re on a reasonably up to date OS, no reason not to use it.

rony · May 12, 2024, 7:31pm

Thx. If certbot installed, it is default. Yes?

Ilia · May 13, 2024, 5:03pm

If it’s only Webmin, then no, certbot isn’t installed as neither required nor recommended package; you’d need to manually install the certbot package, which Webmin would use if it’s installed.

rony · May 13, 2024, 5:34pm

Ok, I got it. My question was: if I install certbot on pure webmin system, webmin will automatically prefer certbot over acme-tiny. Thx for response.

Ilia · May 13, 2024, 6:16pm

Yes, that’s right.