Hello, is there a guide for generating a wildcard Let’s Encrypt certificate with Webmin/Virtualmin somewhere?
I am trying to figure it out (Ubuntu 1804).
I have installed certbot via apt-get.
However, I receive an error about DNS / domain not being in zone when I am trying to do it on Webmin.
My public IP address router port-forwards all external traffic to port 53 TCP/UDP to my Webmin server.
Curiously, it seems a new feature with Bind9 is slave zones not appearing on the BIND DNS list.
So I receive an error:
Requesting a certificate for xxx.co.uk, *.xxx.co.uk, xxx.uk, *.xxx.uk from Let’s Encrypt …
… request failed : Web-based validation failed : Wildcard hostname *.xxx.uk can only be validated in DNS mode DNS-based validation failed : Neither DNS zone xxx.co.uk or any of its sub-domains exist on this system
And it seems quite common, as I have 4 different virtualmingp installs on different VPSes I have been working on over the last few days, all fresh installs with 1804.
Anyway, it appears that Bind9 does not initially pick up the zones created in named.local.conf files.
I manually (using the Bind9 GUI) created a master zone called test.com with my email address, and BAM, all the BIND DNS master zones appeared.
This was checked across several servers.
Seems a bug in Bind9 detecting Virtualmin-created zones initially!!
Second bug: the certbot in Ubuntu LTS is out of date and cannot make wildcard certs.
Fix:
Add the certbot PPA and upgrade to the latest (certbot.org has a good guide).
Bug 3: DNS-based validation can ONLY work if your Virtualmin install IS your authoritative nameserver for the domain.
I have no clue why that has to be the case, but never mind.
I have a dynamic updater on dyndns + duckdns + mikrotik homedns, so basically pointed my main domain and all my other domains from my registrars to my dynamic DNS (telling the world this is the name server).
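
An added diagnostic example, not part of the original post and not Webmin or certbot code: it parses a BIND zone configuration and reports, for each requested certificate name, which `_acme-challenge` TXT record DNS validation needs and whether a local master zone exists to hold it. The function names, the sample configuration and the rule that only master zones are writable locally are assumptions made for illustration.

```python
import re

# Constructed sample of a BIND zone configuration (not taken from the post).
SAMPLE_CONF = '''
zone "example.co.uk" {
    type master;
    file "/var/lib/bind/example.co.uk.hosts";
};
zone "example.uk" {
    type slave;
    masters { 192.0.2.10; };
    file "/var/lib/bind/example.uk.hosts";
};
'''

def parse_zones(conf_text):
    """Return {zone_name: zone_type} for every zone statement (hypothetical helper)."""
    zones = {}
    for m in re.finditer(r'zone\s+"([^"]+)"[^{]*\{', conf_text, re.I):
        depth, i = 1, m.end()
        while i < len(conf_text) and depth:      # walk to the matching closing brace
            depth += {"{": 1, "}": -1}.get(conf_text[i], 0)
            i += 1
        t = re.search(r'\btype\s+(\w+)\s*;', conf_text[m.end():i], re.I)
        zones[m.group(1).lower().rstrip(".")] = t.group(1).lower() if t else "unknown"
    return zones

def challenge_plan(cert_names, zones):
    """Map each certificate name to (TXT record name, local zone, writable here)."""
    plan = {}
    for name in cert_names:
        base = name.lower().rstrip(".")
        if base.startswith("*."):                # wildcard is validated at its parent name
            base = base[2:]
        labels = base.split(".")
        parents = (".".join(labels[i:]) for i in range(len(labels)))
        zone = next((p for p in parents if p in zones), None)   # longest match first
        # Assumption: only a master (primary) zone can take the TXT record locally.
        writable = zones.get(zone) in ("master", "primary")
        plan[name] = ("_acme-challenge." + base, zone, writable)
    return plan

if __name__ == "__main__":
    zones = parse_zones(SAMPLE_CONF)
    for name, row in challenge_plan(["example.co.uk", "*.example.co.uk", "*.example.uk"], zones).items():
        print(name, row)
```

A name whose row ends in `False` is one where the TXT record cannot be published from this server, which is the situation the "Neither DNS zone ... exist on this system" error describes.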