Securing Virtualmin/webmin

**OS type and version:Ubuntu 20.04
**Webmin version:1.981
**Virtualmin version:6.17-3 Pro
**Related products version:Coppermine installation

Do I need to secure Virtualmin/Webmin
the links show Installed URL

show it secured although I have not installed letsencrypt

hi, that link is dead, directory not found aka 404… your site is serving via Https but self singed…which is fine if you using it for yourself or your team… perhaps I don’t understand what are you asking…please elaborate.

Sorry learning about virtualmin try this link

trying to obtain a letsencrypt SSL

You’re not asking very good questions here.

What problem do you have when requesting a Let’s Encrypt certificate in Virtualmin?

Checking external connectivity for …
… errors were found, which will prevent Let’s Encrypt from issuing a certificate :

  • Failed to check connectivity : HTTP/1.1 503 Service Unavailable

DNS INSPECT ( finds only one error
Name Servers Agreement on Serial Number

WARNING: We found different serial numbers on your name servers, it’s OK if you had modified your zone recently.

  • 2022010201
  • 2603:5:2160::3: 2022010201
  • 2603:5:2260::3: 2022010202
  • 2022010201

Having different serials on your name servers may show inconsistencies between name servers configuration (multiple masters), or communication errors (ACL and firewall issues).

Report created on: Sun, 02 Jan 2022 23:44:44 GMT

Share this report: | permalink

Thumbnail for

Parent 100
NS 100
SOA 88
MX 100
Mail 100
Web 100

There’s pretty much only two causes of Let’s Encrypt validation not working:

  1. DNS is wrong. It’s not pointing where you think it is for all of the names you’re trying to issue a cert for.
  2. Something is sucking up the request to the .well-known directory where Let’s Encrypt puts the validation file. You have a web app running on this domain…I have to assume this is your problem. Make sure whatever redirects, proxy rules, htaccess rules, you have for the web apps you have running are allowing Apache to serve the .well-known path from the file system.

Oh, also, please include relevant log entries for any follow ups. A 503 will have an entry in the error_log for this domain, and that entry will provide more information than the browser will ever have.

1 Like

Letsencrypt issued the Cert, it was the function of VitualMin’s connection routine that was failing, a later post was attached and found there was a ticket in for this issue and is supposed to be fixed in the next release


This topic was automatically closed 8 days after the last reply. New replies are no longer allowed.