One of my websites has a lets encrypt certificate that was reaching its expiration but when I renewed it through virtualmin my nginx started crashing with:
How exactly a block of that virtual server (domain) Nginx config that loads certificates look like? Does it look the same compared to other, previously working domains (which weren’t changed)?
This is odd, as it should be ssl.combined in fact. Did you by any change edit ssl.combined manually? Nginx is susceptible to certificates order.
I would suggest the following to fix an issue:
Disable Nginx and Nginx SSL website feature for offending domain (using Edit Virtual Server page)
Restart Nginx so other sites would work
Delete SSL certificates for this domain, using virtual-server.name - Server Configuration ⇾ SSL Certificate page (preferably) or manually but make sure not to restart any other services on the system not reboot!
Next re-enable Nginx and Nginx SSL website features
Unless certificate is automatically requested, request it manually
No, but to make sure, I re-requested the certificate and still received the error. I followed all the steps (including manually deleting ssl.*, not restarting any services or rebooting, and then manually requesting through server config > ssl certificate > lets encrypt) and am still getting the SSL: error:0B080074.
I think what happened was that the server’s lets encrypt configuration got confused with the certificates it had and I manually set the certificate and key in ssl certificate > update certificate and key. I’ve never had an issue with this before until now, as this is what I had to do when subservers occasionally wouldn’t pick up the root server’s certificate. Once thats done though, virtualmin recognizes that the sub server is sharing with the root server.
FWIW, webmin can use the certificate requested just fine
I have just specifically spun up Rocky 9 with Virtualmin LEMP stack to test it and it worked for me straight forward. LE SSL certificate was successfully requested on the wizard setup stage.
What I’ve figured out is that newly created subdomains work and don’t produce the nginx error. What I did was save all settings/files/configs and delete and recreate each subserver and now nginx is working.
the newly created virtual servers all use ssl.cert: