SYSTEM INFORMATION
| Key | Value |
|---|---|
| OS type and version | Ubuntu Linux 24.04.3 |
| Virtualmin version | 7.40.1 |
Introduction
Hi everyone,
I’m new to Virtualmin. My goal is to migrate from Plesk to Virtualmin (GPL version for now).
The issue
I’m using Cloudflare DNS without proxy (only DNS mode).
When I create a virtual server, Let’s Encrypt certificates are generated correctly only if the DNS record already points to the Virtualmin server IP.
If not a Virtualmin server is created with a Self-Signed certificate and I will be no more able to fix the SSL issue even after creating the DNS that point to the domain.
When I go to Manage virtual server > Setup SSL certificate > SSL Provider Let’s encrypt always fail.
If I remove the virtual server (loosing all files etc) then re-add the SSL is correctly added.
Issue with emails configuration
Example 1:
If host.domain.ext points to the Virtualmin IP, I can create a new virtual server and Let’s Encrypt works fine — the domain is correctly secured with SSL.
This was also true for the first domain created, which I use to access the Virtualmin panel.
Example 2:
Now suppose I add domain.ext in Virtualmin, and in Cloudflare there’s only one DNS record pointing domain.ext → Virtualmin IP.
The virtual server is created correctly, and SSL for domain.ext works fine.
But when I try to create an email address like email@domain.ext, it doesn’t work because Virtualmin expects a mail.domain.ext DNS entry.
Trying to fix it
If I add a DNS record for mail.domain.ext (pointing to the same IP) and try to open it in the browser, the connection is not SSL-secured.
If I try to create an alias server for it, I get this error:
Failed to create virtual server: The domain
mail.domain.extis already hosted by your Apache webserver.
My questions
- How can I secure
mail.domain.extproperly to use it for IMAP/SMTP? - On Plesk, I used
domain.ext(notmail.domain.ext) for mail services.
- I saw that I can change the mail hostname under System Settings → Server Templates → Mail domain, editing the text file shown — but this didn’t make mail work either. Also after edit that file there is no way to reset edits?
- Is there a way to issue an SSL certificate after DNS is updated?
- Currently, if I create a new virtual server before DNS exists, it gets a self-signed cert.
- Later, after DNS points to the server, Let’s Encrypt always fails unless I delete and recreate the virtual server.
Any advice on the best way to configure this properly?
Another test:
As for main domain I’m unable to made SSL and mail working I created a test subdomain.
test.domain.ext- I created on CloudFlare a DNS that point this to the Virtualmin IP.
- I created added the virtual host
- Loaded in the browser test.domain.ext and certificate was working.
- I forget to create on Cloudflare all email records included
mail.test.domain.comso I created it but nowmail.test.domain.comis not SSL covered. - I go to manage virtual server, setup ssl certificate, ssl providers.
- I tried to issue a certificate but I get the error of missing DNS record on Cloudflare No TXT record found at _acme-challenge.test.domain.ext
- If I check on DNS settings, records I cannot find this record so where to find and how to add to Cloudflare for retry?
Maybe i should not request wildcard as I’m using Cloudflare so I try to issue just a certificate for mail.test.domain.ext but I get:
Certbot failed to authenticate some domains (authenticator: webroot). The Certificate Authority reported these problems:
Domain: mail.test.domain.ext
Type: unauthorized
Detail: xxx.xxx.xxx: Invalid response from http://mail.test.domain.ext/.well-known/acme-challenge/randomstring: 404
It seems that compared to plesk I have difficulty understanding how to manage SSL and mail on virtualmin. Seems if all DNS record for domain SSL are present on Cloudflare is present before add a virtual server then SSL are generated, if not and I add records later to Cloudflare I’m unable to issue SSL certificate.
Thank you in advance for your time, reply and patience.
