How can I change the checkout folder to renew the Let's Encrypt SSL certificate?

SYSTEM INFORMATION
OS type and version: Rocky Linux 8.6
Webmin version: 2.021
Virtualmin version: 7.5
Related packages: SSL Certificate

How can I change the checkout folder to renew the Let’s Encrypt SSL certificate?
The error appears:

“. . .This is done by placing a small temporary file under the website’s document directory /home/myweb/public_html.”

I would like the folder to be /home/myweb/public_html/public.
Thank you!

You can change the home directory at Server Configuration -> Change Domain Name -> Change Home Directory, but I have no idea if that lets the LE bot search in the new directory for /.well-known, and of course any web pages, proxies etc. that are loaded at the old directory will also need to be moved. Ideally this should be done when setting up a new VS. NB. I have never done this after the fact.

Just seems an odd request when all should work as is. Are you getting a specific error with LE?

When I try to renew:

Renewal failed due to Web-based validation failed : Renewing an existing certificate for myweb.oclockdt.com
the Let’s Encrypt service requires that your ownership of the certificate domain be validated by checking that this system hosts the website for the domain. This is done by placing a small temporary file under the website’s document directory /home/myweb/public_html.

I have 5 subdomains, the directory of the other four is /home/myweb/public_html/public
And auto-renewal works perfectly.

I don’t know how to change from “…/public_html” to “…/public_html/public”.

You should not do that.

You should make it so that a file in /home/domain/public_html/.well-known can be downloaded.

You do this by making sure any redirects, proxy rules, access restrictions, etc. exclude the .well-known dir.


Sorry, I couldn’t answer earlier.

I have 3 subdomains from oclockdt.com with web applications running under PHP/Codeigniter 4, each located in its /public_html directory:

ce, control & demo

ce is not renewed. control and demo renew the Let’s Encrypt certificate fine. If I access

Virtualmin → Server Configuration → SSL Certificate → Let’s Encrypt

I can read above

  • In ce:
    This is done by placing a small temporary file under the website’s document directory /home/ciclos/public_html
    Automatically renew certificate? Yes
    Time since last renewal 0.00 months
    Last successful renewal 12/22/2022 06:42 AM
    Last failed renewal 06/07/2023 05:49 PM
    Renewal failed due to Web-based validation failed : Renewing an existing certificate for ce.oclockdt.com

  • In control:
    This is done by placing a small temporary file under the website’s document directory /home/ciclos/public_html/public
    Automatically renew certificate? Yes
    Time since last renewal 5.60 months
    Last successful renewal 12/21/2022 05:40 PM

  • In demo:
    This is done by placing a small temporary file under the website’s document directory /home/ciclos/public_html/public
    Automatically renew certificate? Yes
    Time since last renewal 2.18 months
    Last successful renewal 03/04/2023 11:32 AM

I know why ce doesn’t renew, but not how to solve it. Thanks for your attention.

In both ce and control, the .htaccess for /public_html and /public_html/public are the same.
And in /etc/httpd/conf/httpd.conf on both virtual servers, on port 443:

ProxyPass /.well-known !
RewriteEngine on
RewriteCond %{HTTP_HOST} =webmail.test.oclockdt.com
RewriteRule ^(?!/.well-known)(.*) https://test.oclockdt.com:20000/ [R]
RewriteCond %{HTTP_HOST} =admin.test.oclockdt.com
RewriteRule ^(?!/.well-known)(.*) https://test.oclockdt.com:10000/ [R]

Any ideas? Thank you.
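The advice earlier in the thread (redirects and proxy rules must exclude .well-known) can be checked mechanically against the virtual host's directives. This is an added example, not part of the original posts and not Virtualmin code; `challenge_blockers`, the probe path and `BROKEN_CONF` are hypothetical, and RewriteCond lines are ignored, so guarded rules are judged conservatively.

```python
import re

# Directives quoted in the post above (port 443 virtual host).
PAGE_CONF = r"""
ProxyPass /.well-known !
RewriteEngine on
RewriteCond %{HTTP_HOST} =webmail.test.oclockdt.com
RewriteRule ^(?!/.well-known)(.*) https://test.oclockdt.com:20000/ [R]
RewriteCond %{HTTP_HOST} =admin.test.oclockdt.com
RewriteRule ^(?!/.well-known)(.*) https://test.oclockdt.com:10000/ [R]
"""

# Constructed counter-example: exclusion listed too late, unguarded redirect.
BROKEN_CONF = r"""
ProxyPass / http://localhost:8080/
ProxyPass /.well-known !
RewriteEngine on
RewriteRule ^/(.*)$ https://panel.example.test:10000/ [R]
"""

# Constructed probe path; the CA picks the real token name.
CHALLENGE = "/.well-known/acme-challenge/probe-token"

def challenge_blockers(conf_text, path=CHALLENGE):
    """List directives that would proxy or rewrite `path` away from the docroot.
    Assumes virtual-host context (RewriteRule sees the path with its leading
    slash), ignores RewriteCond, and looks only at ProxyPass and RewriteRule.
    """
    blockers = []
    proxy_decided = False  # the first ProxyPass whose prefix matches wins
    for raw in conf_text.splitlines():
        parts = raw.split()
        if len(parts) < 3:
            continue
        directive = parts[0].lower()
        if directive == "proxypass" and not proxy_decided:
            if path.startswith(parts[1]):
                proxy_decided = True
                if parts[2] != "!":  # "!" means: do not proxy this prefix
                    blockers.append(raw.strip())
        elif directive == "rewriterule" and parts[2] != "-":
            negated = parts[1].startswith("!")
            hit = re.search(parts[1][1:] if negated else parts[1], path)
            if bool(hit) != negated:
                blockers.append(raw.strip())
    return blockers

if __name__ == "__main__":
    for name, conf in (("page", PAGE_CONF), ("broken", BROKEN_CONF)):
        print(name, challenge_blockers(conf))
```

An empty list for the posted directives means the proxy and rewrite rules are not what keeps the challenge file from being served; .htaccess rules and the document root itself are outside what this check reads.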

When I try to renew the SSL Certificate here:
Virtualmin → Server Configuration → SSL Certificate → Let’s Encrypt → Only Update Renewal

in the log file:

2023-06-14 14:29:07,801:DEBUG:acme.client:Storing nonce: C400scdXeputnzaSclBGVnC3b_VENAwxMW1MO40zjVnegtA
2023-06-14 14:29:07,801:INFO:certbot._internal.auth_handler:Performing the following challenges:
2023-06-14 14:29:07,801:INFO:certbot._internal.auth_handler:dns-01 challenge for . . .
2023-06-14 14:29:07,802:INFO:certbot.compat.misc:Running manual-auth-hook command: /etc/webmin/webmin/letsencrypt-dns.pl
2023-06-14 14:29:08,086:WARNING:certbot.display.ops:Hook '--manual-auth-hook' for ce.oclockdt.com reported error code 1
2023-06-14 14:29:08,086:WARNING:certbot.display.ops:Hook '--manual-auth-hook' for ce.oclockdt.com ran with error output:
Error: Missing file to read at virtual_server::/usr/libexec/webmin/virtual-server/feature-dns.pl line 3694
Error
Missing file to read at virtual_server::/usr/libexec/webmin/virtual-server/feature-dns.pl line 3694


Please, I need to renew the certificate, what is happening? Thanks.

Solved:

sudo certbot certonly -d midominio.com