I fear that I have made hash of my SSL certs on my server. I use Virtualmin to host several (9) sites with different domain names. Most work. The ones that don’t include:
richb-lyme[dot]com
my webmin/virtualmin console
Let’s talk about the the first one::
I set up richb-lyme[dot]com last summer. I used Virtualmin to create it, then installed Wordpress using their installer (not the script from Virtualmin). Wordpress is on 5.8.1, with a minimal number of plugins. Virtualmin arranged to get the SSL certificate, so all was good back then. Now, I get a SSL error in the browser, and Virtualmin shows me:
However, Webmin shows the home directory of my Wordpress site is actually /home/richb-lyme/wordpress (I bet this is part of the problem)
I think I see the problem: the SSL Certificate page for richb-lyme.com shows that it’s placing the test file in /home/richb-lyme/public_html:
My Question: What’s the best way to fix this so that SSL renewals “just work” in the future. (I’m willing and comfortable farbling around the command line if necessary.) Many thanks.
Update: This stuff worked fine for the last 3 months, then my Let’s Encrypt certificate expired. The automatic stuff (that works for the other wordpress sites all running on the same VPS) isn’t working for this one site.
I suspect there’s a mismatch between where the Let’s Encrypt temporary file goes, where my site’s files currently reside, and how to get them aligned…
Is there any documentation about how it’s supposed to work? (Here’s the current (non-working) state:
Webmin’s Servers > Apache > Existing Virtual Servers shows the Document root is: /home/richb-lyme/public_html/wordpress
Virtualmin’s config for richb-lyme.comServer Configuration > SSL Certificate > Let’s Encrypt shows the temporary file will go in /home/richb-lyme/public_html
What do I change to get this stuff all to line up (and let me request a new
Let’s Encrypt certificate)? Many thanks.
Try going to richb-lyme.com - Edit Virtual Server and first disable both Apache website and Apache SSL website features and then re-enabling it.
Try going to richb-lyme.com - Server Configuration ⇾ SSL Certificate / Let's Encrypt and first disable Automatically renew certificate and then re-enable it.
Thanks for this response. (I got the SSL working on my own by mucking about. But I don’t remember what I did, so it’s good to know there’s a real procedure to follow.)
A few questions on this process:
Am I correct that this will entirely rewrite the configuration files for the host - erasing them and regenerating them?
And if the host files get recreated, how does Virtualmin keep track of the locations of Document Root, the home directory, etc. while it’s recreating the Apache files?
And finally, this process would be OK - I don’t think I’ve made any interesting changes to the virtual host file EXCEPT I have to comment out the first line for every automatically generated Virtualmin host:
# SuexecUserGroup "#1019" "#1019"
(It always leads to an Apache error, so I comment it out, and it’s fine.)
