- Virtualmin 6.08 (GPL)
- CentOS 7.7
- Webmin 1.941
I must be missing something in the process of trying to get a Let’s Encrypt certificate working on a new GPL server. On my Pro server I have a non-LE wildcard certificate (on *.example.NET) that I use for all Virtualmin access and various other functions requiring encrypted connections. It works fine. However, this means I don’t have experience trying to get an LE certificate to be the certificate used for Virtualmin and Webmin.
On the new GPL server I have pointed admin.example.COM to Virtualmin, and added example.COM as a virtual server. (It might be useful to know that I am only using Virtualmin for web hosting, not DNS or email.) When I try to get an LE certificate Virtualmin prompts me to get one for example.COM and www.example.COM. Instead I activate the “Domain names listed here” field and enter those two plus admin.example.COM. When I do I get this error:
Traceback (most recent call last):
File "/usr/libexec/webmin/webmin/acme_tiny.py", line 198, in <module>
main(sys.argv[1:])
File "/usr/libexec/webmin/webmin/acme_tiny.py", line 194, in main
signed_crt = get_crt(args.account_key, args.csr, args.acme_dir, log=LOGGER, CA=args.ca, disable_check=args.disable_check, directory_url=args.directory_url, contact=args.contact)
File "/usr/libexec/webmin/webmin/acme_tiny.py", line 143, in get_crt
raise ValueError("Wrote file to {0}, but couldn't download {1}: {2}".format(wellknown_path, wellknown_url, e))
ValueError: Wrote file to /home/example/public_html/.well-known/acme-challenge/cZqlH46J9nz_uYzI354bbzW4fFy37t_V5gBLxfJKHxo, but couldn't download http://admin.example.com/.well-known/acme-challenge/cZqlH46J9nz_uYzI354bbzW4fFy37t_V5gBLxfJKHxo: Error:
Url: http://admin.example.com/.well-known/acme-challenge/cZqlH46J9nz_uYzI354bbzW4fFy37t_V5gBLxfJKHxo
Data: None
Response Code: None
Response: <urlopen error [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:618)>
Of course, admin.example.COM is pointing to the server, but it doesn’t have it’s own website / virtual server. So how do I generate an LE certificate for it? Do I have to create a virtual server or sub-server for admin.example.COM in order to be able to generate the certificate?
Actually, I thought I had found the answer just by writing this all out, but that doesn’t work either! When I try to create admin.example.COM I get this error:
Failed to create virtual server : The domain admin.example.com is already hosted by your Apache webserver
Now what?
Thanks.
Craig