Securing Virtualmin/webmin

kdmiller45 · December 30, 2021, 4:17pm

SYSTEM INFORMATION

**OS type and version:Ubuntu 20.04
**Webmin version:1.981
**Virtualmin version:6.17-3 Pro
**Related products version:Coppermine installation

Do I need to secure Virtualmin/Webmin
the links show Installed URL https://millerwebtech.com/coppermine/

show it secured although I have not installed letsencrypt

unborn · December 30, 2021, 8:57pm

hi, that link is dead, directory not found aka 404… your site is serving via Https but self singed…which is fine if you using it for yourself or your team… perhaps I don’t understand what are you asking…please elaborate.

kdmiller45 · January 1, 2022, 4:21pm

Sorry learning about virtualmin try this link http://ourlifeinpixs.com

trying to obtain a letsencrypt SSL

Joe · January 2, 2022, 8:39am

You’re not asking very good questions here.

What problem do you have when requesting a Let’s Encrypt certificate in Virtualmin?

kdmiller45 · January 2, 2022, 11:48pm

Checking external connectivity for ourlifeinpixs.com …
… errors were found, which will prevent Let’s Encrypt from issuing a certificate :

Failed to check connectivity : HTTP/1.1 503 Service Unavailable

A NOTE: [
DNS INSPECT (https://www.dnsinspect.com/) finds only one error
Name Servers Agreement on Serial Number

WARNING: We found different serial numbers on your name servers, it’s OK if you had modified your zone recently.

173.201.70.3: 2022010201
2603:5:2160::3: 2022010201
2603:5:2260::3: 2022010202
97.74.102.3: 2022010201

Having different serials on your name servers may show inconsistencies between name servers configuration (multiple masters), or communication errors (ACL and firewall issues).

Report created on: Sun, 02 Jan 2022 23:44:44 GMT

Share this report: | permalink

Parent		100
NS		100
SOA		88
MX		100
Mail		100
Web		100

Joe · January 3, 2022, 1:14am

There’s pretty much only two causes of Let’s Encrypt validation not working:

DNS is wrong. It’s not pointing where you think it is for all of the names you’re trying to issue a cert for.
Something is sucking up the request to the .well-known directory where Let’s Encrypt puts the validation file. You have a web app running on this domain…I have to assume this is your problem. Make sure whatever redirects, proxy rules, htaccess rules, you have for the web apps you have running are allowing Apache to serve the .well-known path from the file system.

Joe · January 3, 2022, 1:20am

Oh, also, please include relevant log entries for any follow ups. A 503 will have an entry in the error_log for this domain, and that entry will provide more information than the browser will ever have.

kdmiller45 · January 4, 2022, 4:48pm

Letsencrypt issued the Cert, it was the function of VitualMin’s connection routine that was failing, a later post was attached and found there was a ticket in for this issue and is supposed to be fixed in the next release

Keith

system · January 12, 2022, 4:49pm

This topic was automatically closed 8 days after the last reply. New replies are no longer allowed.