[Solver] Nginx not listing websites and Let's Encrypt not working

Greetings !

Distribution : Centos 7.5.1804

Virtualmin Version : 6.05

I have two servers, both with VirtualMin.
The first server has some weird issues, it was the first time I discovered VirtualMin.
The second one is fine.

My first server has issues like :

  • Nginx was installed in /opt/ , which makes the Nginx panel useless because it wont work even when settings are routed to /opt/nginx/

  • SSL won’t work properly, so I had to install certbox myself

  • Issues with permissions

  • I had problems with PHP and had to reinstall PHP-FPM and make changes manually to make it all work

On my second server I can see nginx was properly installed in /etc/nginx, not /opt

I would like to correct these issues myself so I can enjoy having a panel.

Could you point me in the right directions ? Can I edit settings to make my installation great again ?

Thank you !
Best Regards,

I did not find out why the config files where in /opt/, but I was able to make work the listed vhosts of the Nginx Module by simply setting up the Module Config at the top left of Webmin > Servers > Nginx WebServer page.

The setting that I forgot is “File or directory for new virtual hosts”. I set it up as /opt/nginx/conf/vhost/* and no all works !

Next step is to repair the SSL dashboard, which doesn’t work. I installed manually certbot in order to make certificate generation work.

Why do a lot of you guys didn’t read the docs before doing things also forumguidelines. ( posting versions and more…) :wink: https://www.virtualmin.com/node/53663

Certbot is not used by the Virtualmin own LE script sofar i know.

Then for getting support for this certbot and related problems should be harder to get here. ( i think)

CERTBOT forum??


My apologies for the guidelines.

This is in no way about LE itself, I just said that I installed it manually because the script doesn’t work.
In fact, it is related to the way VirtualMin works.

I found why the script was stopping :

  • I added domains to the nginx configuration without creating a virtual server
  • Some of these domains are not on a public port, like mail.mydomain.com
  • The script will try to create /.well-known-acme-challenge/ in the root directory
  • Let’s Encrypt will try to access the public address to look for the temporary /.well-known/acme-challenge/ entry created
  • Let’s Encrypt will not find it
  • For Laravel and other frameworks having a /public/ folder, you will have to specify that the webmin Virtual Server’s root folder is /public_html/public/ and not only in the Nginx configuration. The LE script will try to get the folders from the public_html folder related to the webmin Virtual Server and not the Nginx server’s root.
    You can public_path_html of the webmin virtual server by following these steps : https://www.virtualmin.com/comment/765941#comment-765941

This can also happen if you have an access control on the domain or an HTTP(s) rule.

Hihi Guidelines the part about versions and wich OS? :wink:

With the mail. and some others subs and LE there are a lot of problems and also some solved in this forum here don’t know if your case could be… some have to change with a list alias… Nginx dont’ know sorry

If subscription then open a support sticket.?

Yes I updated my original post. :slight_smile:

I don’t need assistance anymore as I found the issues in my answer.
I have to say that using VirtualMin is seriously awesome, even though I know how to do it manually, but the scripts provided with VM are not always working.

So if someone ever has problems with Let’s Encrypt and VirtualMin/WebMin, remember one thing :

  • Your website has to be publicly accessible, even for a few minutes, so that the SSL can be generated
  • Make sure your VirtualMin Domain has the right public_html_path, even if you set the right root path in the nginx conf, it will not be enough for the LE script.
  • Make sure your Nginx conf is calling the ssl.combined certificate if you’re having multiple domains and the conf was already generated :
ssl_certificate /home/your_website/ssl.combined; ssl_certificate_key /home/your_website/ssl.key;

Also, for a perfect grade SSL, add the following configurations to your NGINX conf :

server_tokens off;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
ssl_session_timeout 5m;
ssl_ciphers “HIGH:!aNULL:!MD5 or HIGH:!aNULL:!MD5:!3DES”;