I have been trying to fix my main servers system hostname SSL by requesting a letsencrypt SSL from Webmin > Webmin Configuration > SSL Encryption > Let’s Encrypt But it is failing for all the attempts and by choosing different options. I am not sure what I am missing and what needs to be done for this. This is the error:
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator webroot, Installer None
Obtaining a new certificate
Performing the following challenges:
http-01 challenge for srv.domain.com
Using the webroot path /etc/webmin for all unmatched domains.
Waiting for verification...
Challenge failed for domain srv.domain.com
http-01 challenge for srv.domain.com
Cleaning up challenges
Some challenges have failed.
IMPORTANT NOTES:
- The following errors were reported by the server:
Domain: srv.domain.com
Type: unauthorized
Detail: Invalid response from
http://srv.domain.com/.well-known/acme-challenge/0mkv8DJ9gCVdwrba2axwjWNI6m2bRVg2207PDE-K0qk
[49.12.74.48]: "<!DOCTYPE HTML PUBLIC \"-//IETF//DTD HTML
2.0//EN\">\n<html><head>\n<title>404 Not
Found</title>\n</head><body>\n<h1>Not Found</h1>\n<p"
To fix these errors, please make sure that your domain name was
entered correctly and the DNS A/AAAA record(s) for that domain
contain(s) the right IP address.
The A record for srv.domain.com is added and it points to the server IP address
I don’t want to go and add a virtual server from virtualmin. Because virtualmin is to create virtual servers and if I add a virtual server for the main system domain it might cause problems.
Concurrent with your post, there was another in which the member shared with us the real domain name that he was using; based on this info, one of us was able to offer the solution to his exact problem. See
My point was that the community can offer specific suggestions for problems such as this if you share the domain names associated with virtual servers - absent which we are all shooting in the dark.
So I checked off the feature “Apache SSL website enabled?” by editing the virtual server I created. The only option now enabled is “DNS domain enabled?” in the “Enabled features” section
It seems like I am locked out of requesting new letsencrypt, so I will have to try that in a week or so and see if it works.
About your tip
“Tip: try to use a separate domain, than the one you’re planning on using for your affairs… Ask me how I know…”
Can you tell me how should I set this up to access my main server please?
Did you add a Host name to the domain you’re using as Host, and did you add it to the A record?. Where is your domain hosted?. At server or somewhere like Godaddy?.
Yes, after I setup the VPS with my server company. I used the install.sh script (virtualmin.com/download.html) to install virtualmin on the server. After everything is completed successfully I got this message:
I just checked the address and it’s not found. If you want to start from scratch again, follow this: https://www.hostwinds.com/guide/install-virtualmin-centos-7/, I’ve found this to be simple and quick…Make sure you install it on the hostname… I have it install on Centos 7.
I have the same problem recently.
I have a CentOS 8.2 instance that will not renew its Let’s Encrypt certificate. It succeeded three months ago when setup but now the URL gets a 404 error. Since the validation file remains for such a short time I can’t be sure whether it is actually created but I did create a test.txt file which causes the same 404 error.
In Webmin config/SSL/Let’s Encrypt settings I choose “other directory” (/var/www/html) as the validation root directory. I am expecting the external URL to be http://<ip_address>/.well-known/acme-challenge/test.txt.
The result displayed in Firefox is
Not Found
The requested URL /.well-known/acme-challenge/test.txt was not found on this server.
My Webmin FQDN resolves correctly with both IPv4 and IPv6 addresses. Let’s Encrypt validation appears to prefer the IPv6 address.
In my ignorance I’m not sure whether Webmin miniserv or Apache will serve this URL. Which is it?
Neither log shows any related errors. But would I need to change the log level? and where?
Permissions seem OK and certainly the same as my other CentOS 7 instance.
I’m at a loss to know why the URL is not being served, and especially why it once was, but not now.
I have installed many updates through Webmin/Virtualmin in this interval.
The Webmin FQDN domain is not a virtual domain on this server.
Virtualmin domain LE certificates are renewing perfectly as expected.
Webmin LE certifcates have always renewed manually for me, but consistently never automatically!
Any clues that can help me troubleshoot this would be most appreciated. Especially the answer to which webserver is used by Webmin for its own FQDN.
Thanks
Webmin version 1.955
Usermin version 1.803|
Virtualmin version 6.12
Authentic theme version 9.54
I realise now that miniserv only serves on port 10000, so it is Apache that serves on port 80, and the default virtual server that will serve files from /var/www/html in whcih the LE validation files will be stored (under .well-known/acme-challenge).
So my LE problem is due to Apache not serving the file, instead giving a 404 Not found response to anything in the default virtual server.