[SCRIPT] Let's Encrypt for Virtualmin


Since I first heard about Let’s Encrypt I was keen to see how it will work.
Now it is live and working, so I tested some solutions found on the web.
Because I couldn’t find a solution to satisfy my needs, I have developed a script to do just that.

Disclaimer: the script also includes pieces of code from various places/authors. Sources are stated in readme.txt
I would like to thank all the contributors for their time and effort.

What is Let’s Encrypt?
On point, free SSL certificates. For more information visit Let’s Encrypt

What is does?
In manual mode, it reads domain names from a flat file, enables SSL on Virtualmin (if not yet enabled), generates SSL certificates with letsencrypt and activates them.
In automatic mode, it detects domains with SSL enabled from Virtualmin, generates SSL certificates with letsencrypt and activates them.

More information here
Direct download here

To get started, please read docs/readme.txt first
Hope it will be useful to Virtualmin users

Cool stuff.
What do you think about extending for giving the option to use the cert for dovecot, postfix, usermin, webmin, proftpd etc, and automatically copying the certs there, if setup in a config file?

The more automation the better :slight_smile:

Thanks for your effort!



I have thought of that but unfortunately, Virtualmin does not have a cli command to accomplish this setup, as least not one that I know of.
if something comes to mind, I’ll be sure to make it happen.

Well, Joe, Eric, any idea? lol

On the other hand. if my cert is for https://example.com and someone enters https://www.example.com, he will get the self-signed cert which will claim to be untrustworthy. If i want to create a cert for www. Virtualmin won’t let me.

What am i doing wrong?

Are you using the script provided in the 1st post?
Or are you using the built in Virtualmin procedure?

If you are using the script provided in the 1st post, it will generate a certificate for example.com and www.example.com at the same time.

Some extra info?

I downloaded your script(s). Just wanted to say I like how you commented your code and described exactly what is being done. It makes it really easy to understand the code and potentially reuse it elsewhere.

I guess you need a dedicated IP for each customer you activate SSL for ? right ?

I have the same problem. Using the tool on the cli i can create a certificate for my domain including the www. . So i can create a cert for domain.tld and www.domain.tld.

Using the Virtualmin let’s encrypt module i can only create the domain.tld certificate and not the www.domain.tld cert. It wil error on ‘Failed to request certificate : The domain name does not need to have www at the start’ . But it does matter since i get only a cert for domain.tld

You can use SNI.

yep but then lot of customers might have issues to access websites on my server :frowning: