Hi.
I have set up Virtualmin on a new Ubuntu Linux 18.04.4 server and it works great. I have created virtual servers and I can generate Let’s Encrypt certificates for all of them without any problems.
The only domain I’m having a problem with, is the domain matching the server’s hostname.
Let’s assume the server’s hostname is “sub.example.com”.
All the necessary DNS records have been set up on an external DNS server (Cloudflare). There’s an A-record for both “example.com” and “sub.example.com”, both pointing to the server’s IP address (that’s the same IP address). (Note that I have disabled DNS proxy for the DNS records on Cloudflare, so that’s not interfering with anything).
I have created a virtual server and website for “example.com”. I have also made that the default website for the server, by setting the option under Virtualmin > Server Configuration > Website options > Default website for IP address. It worked fine. When I upload files to the “example.com” website, the files are accessible from both “http://example.com/file.txt” and “http://sub.example.com/file.txt” (the latter being the server’s hostname).
I have tried two approaches In order to generate a Let’s Encrypt certificate for the server’s hostname “sub.example.com”.
Firstly, by going to Webmin > Webmin Configuration > SSL Encryption > Let's Encrypt.
By default, the server’s main IP address was displayed under “Hostnames for certificate”. I changed that to match the server’s hostname, “sub.example.com”. Under the “Website root directory for validation file” option, I chose the “A different Apache virtual host” option and set it to “example.com” (because that was set to serve requests made to the server’s hostname).
However, the certificate generation failed with error: ValueError: Wrote file to /home/example.com/public_html/.well-known/acme-challenge/foo, but couldn't download http://example.com/.well-known/acme-challenge/foo
That’s strange, since when I upload content to the “example.com” virtual server, is also accessible “http://sub.example.com/” - I have tested it.
Secondly, I have tried to solve the problem by creating a new virtual server for the server’s actual hostname, “sub.example.com”. When the server was created, the Let’s Encrypt certificate generation failed. However, all uploaded files are accessible via “http://sub.example.com”, as expected. I also set the option of the virtual server to be the “Default website for IP address”.
When I try to generate a certificate for the server by going to Virtualmin > Server Configuration > SSL Certificate > Let's Encrypt, I get the same type of error: ValueError: Wrote file to /home/sub.example.com/public_html/.well-known/acme-challenge/foo, but couldn't download http://sub.example.com/.well-known/acme-challenge/foo
Again, that’s strange, since I can verify that anything uploaded to the server’s website is accessible via “http://sub.example.com/whatever.file”.
The only domain that has a problem with certificate generation is the domain matching the server’s hostname (sub.example.com). Certificate generation for any other virtual host with any other domain (even for “example.com”) works fine.
Please help me find a solution to the problem.