Disable Web-based validation SSL

SYSTEM INFORMATION
OS type and version Debian 11
Virtualmin version 7.1-1

I can’t request Let’s encrypt certificates with Web-based validation because everytime when I request certificates (every domain) I got error about DNS-based validation failed.
I already disabled and remove BIND and DNS feature but I don’t know how to Disable DNS-based validation and force Web-based validation only

Requesting a certificate for domain.ca, *.domain.ca from Let's Encrypt ..
.. request failed : Domain has no website, and DNS-based validation is not possible

Could you simplify by creating a new virtual server and then requesting a SSL certificate for it? Naturally a new virtual server will not have a .htaccess file or anything else which interfers with Virtualmin’s web based validation.

Do this and let us know how it goes. If it fails, it would be useful to know what the web server logs say.

Yes it works when I removed domain and create new one but I want to find out why this happens because I have few domains already configured and I don’t want to remove all of them.
btw I’m using Nginx not Apache

If SSL certificate requests to Let’s Encrypt work on a new virtual server then there is definitely something in your web app which is preventing web based validation when you request a certificate.

But this looks like it does not try to require web-based validation at all, only DNS

Requesting a certificate for domain.ca, *.domain.ca from Let's Encrypt ..
.. request failed : Domain has no website, and DNS-based validation is not possible

@dimmuboy,

Can you take a screen shot of “Edit VIrtual Server” page… Specifically the “Enabled Features” section.

*** Professional, Affordable, Virtualmin Support https://tpnassist.com ***

I already removed BIND from Webmin features so DNS option disappeared

Update: when I’m removing virtual server I get this log message

Removing SSL from Nginx virtual host …
… Nginx SSL website failed! : virtualmin-nginx-ssl::feature_delete failed : Module bind8 does not exist

@dimmuboy,

Thanks for the screen shot, very odd indeed. Perhaps @unborn might be able to chime in on this when he has a moment, he’s a serious Debian guy and I have to admit I haven’t really played around with Nginx as I’m quite content with Apache personally. It could also be a bug, so perhaps @staff might want to take a read when they have a moment.

Module bind8 does not exist is an unusual error, unless some Webmin modules were removed! Does the directory /usr/share/webmin/bind8 exist on your system?

Yes but I got error about DNS-based validation so I removed BIND because I didn’t use them. I have BIND just for generate dkim records for mailserver.

That is not the right way to handle that!

Edit: To be clear, if you aren’t using local BIND disable the DNS feature in Feature and Plugins.

But, also that’s not why your web validation is failing. Web validation comes first…you don’t need to disable DNS validation (and shouldn’t need to even care about DNS validation) to make web validation work. Web validation is the default and always preferred. If it’s failing, it’s not because of DNS validation. It’s failing because something is wrong with the web side of things.

Yes disabling BIND in features and plugins was the first what I tried but it does not help so I tried little harder :smiley:
However I checked packages for system update and BIND is back again

I tried to require certificates again and this is result
image

Y’all really work hard to break things. Of course it doesn’t help…DNS validation has nothing to do with why web validation fails. But, now you’ve got new problems. :man_shrugging:

Yes but I had problems before too :confused:

This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.