Let's Encrypt SSL Install error

How to solve LEt’s Encrypt SSL install Error?

I’m trying another site but the same problem. Please help

I using Centos 7


You simply need to update to Webmin 1.940 - it will support certbot command for getting certificates.

Unless you can update using yum update right now, you could update it manually by running:

yum update http://download.webmin.com/download/yum/webmin-1.940-2.noarch.rpm

Hello, I’m on CentOS 7
I did
yum install certbot python2-certbot-apache

then, is certbot --apache command needed?
While apachectl configtest returns Syntax OK when I run certbot --apache it returns syntax error on line 318 for httpd.conf where I have <IfModule mod_mime.c=""> What’s wrong with that if syntax is ok for the configtest?

please, explain what I should do now…thanks

You don’t need or want the python2-certbot-apache package. It is not needed if Virtualmin is managing your certs. You don’t need to do anything other than install certbot.

Thanks Joe, but why on the Let’s Encrypt tab you write:

…Let’s Encrypt service requires that your ownership of the certificate domain be validated by checking that this system hosts the website for the domain. This is done by placing a small temporary file under the website’s document directory /home/myuser/public_html.

is it relevant? I can’t find any new file written there now, unless it’s an old file I don’t know…or is it just a temp file that is deleted after the renewals and enough?

You shouldn’t have to do any manual steps outside of Virtualmin to setup or renew a Let’s Encrypt certificate.

It’s just a matter of logging into Virtualmin, go into Server Configuration -> SSL Certificates -> Let’s Encrypt, and there you can obtain a Let’s Encrypt certificate… it’ll handle all the authentication and validation for you.

You won’t find the file. It’s all cleaned up for you. It is placed there temporarily to validate domain ownership and then removed after. So…it’s relevant, in that it explains how Let’s Encrypt validates domain ownership, but it’s not relevant in the sense that you should interact with the file in question.

I guess that text should be updated…though I’m not sure how to make it much clearer. It already says it’s a temporary file. But, maybe I can remove the “However…requires…” stuff that maybe could be interpreted to mean the end user is required to do something, rather than that Virtualmin will do the steps described automatically.

I was able to get LetsEncrypt working on CentOS 7 by doing a yum install certbot with the epel repository enabled. Otherwise it only shows this under the LetsEncypt tab. “The Let’s Encrypt client command letsencrypt or certbot was not found on your system”. Virtualmin and Webmin are both on the current releases.

On CentOS 6, there doesn’t appear to be one of those packages. I’m starting to get a lot of failure notices and worried about what to do with maybe 25 days left on some sites.

Is there a good solution for this in the works?

Otherwise, is there a good solution for doing this manually?


Yes, ACME Tiny is coming back (in an updated version) in Webmin 1.941 as a fallback for systems that don’t have certbot. We underestimated how difficult it would be to get good packages built for very old distributions, so the old built-in client is coming back.

You can also use the manual process for installing certbot documented on the Let’s Encrypt page (certbot-auto).

Note that none of the options for CentOS 6 (and Debiab 8) work for wildcards.

Thank you! I searched all over the place for an answer and didn’t easily find one. I looked at the certbot-auto install but my attempt using that failed. Not sure what flags it needs to work in conjunction with Webmin. I do still have a couple of CentOS 6 servers running and hope my next installs will be CentOS 8 but do realize it might be a while for that to be supported in Webmin/Virtualmin.