Let's Encrypt for main server host domain

I am trying to get a cert for the main server host domain. I tried setting the directory to /var/www/html and /var/www/html/, running in test mode. It fails the HTTP challenge because it can’t retrieve the token. I suspect that this might be due to the fact that when I enter the main server host in a browser, it directs to one of the other domains, rather than /var/www/html – Any ideas?

Don’t name your server something you plan to use for services.

Name your server something generic (e.g. srv1.domain.tld), and then create a Virtualmin domain for your “main” domain.

So I set the server host to a fictitious domain and then create a Virtualmin domain for the real one? Then use /home/user/public_html for the path in Let’s Encrypt? Would I then be able to log in to Virtualmin at https://realdomain:10000? I just want to make sure that I am understanding correctly. Thanks, Joe

No, it should be a real name. It should ideally resolve (and the IP should reverse resolve to something that forward resolves to the IP). But, you shouldn’t need certs for it, because you’re not going to be sending any clients to that name.

I do this:

  • Name my server srv1.virtualmin.com
  • Create a domain virtualmin.com
  • Add an A record to the virtualmin.com zone for srv1
  • Optionally add a PTR if I’m authoritative for the IP

And then get the cert for the domain created in Virtualmin and accessed at /home/xxx … And then access Virtualmin at that domain port 10000?
I set the hostname to srv1.davidgmedia.us, then tried to create a virtual server in Virtualmin for davidgmedia.us. I got this error: Failed to create virtual server : The domain davidgmedia.us is already hosted by your Apache webserver

Would it make sense to set hostnamectl to a fictitious name, then create the virtual server, then set hostname again?

Get rid of the Apache virtual host you configured for davidgmedia.us outside of Virtualmin.

1 Like

I think I’m making progress. I was able to get the cert issued and it shows as current in Webmin Config. However, the browser still shows unsecured when I go to davidgmedia.us:10000. I tried clearing the browser history and restarted both httpd and webmin.

Did you just read the latest message from Joe? He posted you the completed solution, your progress should be now completed by any means

Got it! Thanks, Joe – You’ve been a great help!

Thanks! This is certainly a helpful community. I hope that I will be able to return the favor and help others as well. Although I have a fair amount of experience with website coding and design, until now I have done little server management. I am learning a lot and appreciate the helpful attitude of those I have met here.

1 Like

This topic was automatically closed 4 days after the last reply. New replies are no longer allowed.