Something seriously wrong with SSL on ns40

ns40.byzland.com has a valid cert from Let's Encrypt, but in the browser it is not loaded. Instead, the cert for sumu.name is loaded for ns40.byzland.com!

Copy SSL certificates to services does not work for many virtual servers on machine, ns40.

Tested with a second browser, same error.

ns40 is the fastest machine/server with SSD and public IP from ATT running Virtualmin pro.

SYSTEM INFORMATION
OS type and version Rocky Linux 8
Webmin version REQUIRED
Virtualmin version REQUIRED
Related packages SUGGESTED

Update 1:

Same error for courses.goperl.com: cert from sumu.name is sent to browser instead of the actual domain courses.goperl.com.

Certs Details:

ns40.byzland.com:

[root@ns40 ~]# virtualmin get-ssl --domain ns40.byzland.com
cn: ns40.byzland.com
issuer_cn: R3
issuer_o: Let's Encrypt
notafter: May 21 15:15:38 2022 GMT
type: Signed by CA
alt: admin.ns40.byzland.com
alt: mail.ns40.byzland.com
alt: ns40.byzland.com
alt: webmail.ns40.byzland.com
alt: www.ns40.byzland.com

courses.goperl.com:

[root@ns40 ~]# virtualmin get-ssl --domain courses.goperl.com
cn: courses.goperl.com
issuer_cn: R3
issuer_o: Let's Encrypt
notafter: May 16 01:49:35 2022 GMT
type: Signed by CA
alt: admin.courses.goperl.com
alt: autoconfig.courses.goperl.com
alt: autodiscover.courses.goperl.com
alt: courses.goperl.com
alt: mail.courses.goperl.com
alt: webmail.courses.goperl.com
alt: www.courses.goperl.com

update 2 :

But SSL for courses.a2z.blue, running on the same machine, is OK.

[root@ns40 ~]# virtualmin get-ssl --domain courses.a2z.blue
cn: courses.a2z.blue
issuer_cn: R3
issuer_o: Let's Encrypt
notafter: May 17 02:09:15 2022 GMT
type: Signed by CA
alt: admin.courses.a2z.blue
alt: courses.a2z.blue
alt: mail.courses.a2z.blue
alt: webmail.courses.a2z.blue
alt: www.courses.a2z.blue

Update 3 :

An example screen recording of action copy ssl certs to services. Yet, the cert is not from the actual subdomain, in this case, sneha.biblelegacy.com.

Update 4 :

cert details of sumu.name:

[root@ns40 ~]# virtualmin get-ssl --domain sumu.name
cn: sumu.name
issuer_cn: R3
issuer_o: Let's Encrypt
notafter: Apr 24 15:02:05 2022 GMT
type: Signed by CA
alt: admin.sumu.name
alt: autoconfig.sumu.name
alt: autodiscover.sumu.name
alt: mail.sumu.name
alt: sumu.name
alt: webmail.sumu.name
alt: www.sumu.name

Update 5:

Got this error while trying to send a support ticket for this issue:

Collecting domain validation report and config check ..
.. done.
Collecting detailed system information ..
.. done.
Sending support ticket to virtualmin.com ..
.. failed with HTTP error : HTTP/1.1 403 Forbidden

@bislinks,

You need to turn on SSL for the Virtual Server by checking “Apache SSL Website enabled” (or equiv for Nginx) otherwise the web server will serve up the “default” webpage that has SSL enabled if any.

You can adjust your Virtual Server by going to:

Edit Virtual Server > Enabled Features

It is enabled

@bislinks,

Not based on what I see when I go to:

https://ns40.byzland.com

Bringing up that page shows the site of “sumu.name”, which means Apache or Nginx does not have an SSL configuration for “ns40.byzland.com”.

That error happens to multiple virtual servers on this machine.

Here is a screenshot of SSL enabled

While here, go to Let's Encrypt, request a new certificate and then try the web site. If you only have 1 IP, you can only copy to services for that domain; you can’t do it on multiple domains. Weird that the web site is getting affected.

Steve

Requesting a new SSL certificate from Let's Encrypt always works, for all domains/subdomains!


Just to clarify.

As far as I have seen/done, copy ssl certs to services works for all domains and subdomains. Whereas, Set as default services certificate can be done to only one domain.

In my case, I always do it for byzland.com on every machine with its own IP.

@bislinks

Please sort your DNS records out… you see these issues because your DNS is set up badly. suru.name is not a valid domain name for the domains where you are seeing this… it's a DNS error… please check your firewall. Do not copy etc.; clean your domain and then re-issue the request, and once you have corrected the DNS records on your server, have a look at who edited those records… remove it and you should be fine.

It’s not suru.name but sumu.name

@bislinks okay fair enough - still malicious right? same stuff just different name.

Validation shows no error.

Beginning validation of selected virtual servers. Any problems found will be shown in red ..
sumu.name
All features OK

As far as DNS, removed all name servers but two (ns1 and ns40)

Please let me know if you found any anomaly in particular with DNS for sumu.name!

While checking for DNS errors at DNS Checker - DNS Check Propagation Tool did not find any!

Got it. Resolved. It was an IPv6 problem. The shared IPv6 address was wrong.

Thanks for your help/time.

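The thread ends with a wrong shared IPv6 address as the cause, which is a case where the certificate a client receives can differ from what `virtualmin get-ssl` reports for the domain. As an added example (not part of the original thread), this Python script fetches the certificate for a hostname over IPv4 and IPv6 separately, sending the hostname as SNI, and reports whether each certificate covers it. The function names are hypothetical, and `SAMPLE` is constructed from hostnames in the thread; the IPv4-correct, IPv6-wrong split in it is an assumption for illustration.

```python
import socket
import ssl
import sys

FAMILIES = {"IPv4": socket.AF_INET, "IPv6": socket.AF_INET6}

def cert_names(cert):
    """DNS names in a getpeercert()-style dict: SANs, else the subject CN."""
    names = [v for k, v in cert.get("subjectAltName", ()) if k == "DNS"]
    if not names:
        names = [v for rdn in cert.get("subject", ()) for k, v in rdn if k == "commonName"]
    return [n.lower() for n in names]

def covers(host, names):
    """True if host equals a name or matches a single-label wildcard."""
    host = host.lower().rstrip(".")
    parent = host.split(".", 1)[1] if "." in host else None
    return any(n == host or (n.startswith("*.") and n[2:] == parent) for n in names)

def fetch_cert(host, family, port=443, timeout=5):
    """Certificate served for SNI=host on the first address of one family."""
    addr = socket.getaddrinfo(host, port, family, socket.SOCK_STREAM)[0][4]
    ctx = ssl.create_default_context()
    ctx.check_hostname = False  # report a mismatched cert instead of aborting
    with socket.create_connection(addr[:2], timeout=timeout) as raw:
        with ctx.wrap_socket(raw, server_hostname=host) as tls:
            return tls.getpeercert()

def diagnose(host, certs):
    """Map each address family to (host_is_covered, names_in_cert)."""
    return {fam: (covers(host, cert_names(c)), cert_names(c)) for fam, c in certs.items()}

# Constructed sample (not captured output): the same host answering with
# different certificates on IPv4 and IPv6.
SAMPLE = {
    "IPv4": {"subjectAltName": (("DNS", "ns40.byzland.com"), ("DNS", "www.ns40.byzland.com"))},
    "IPv6": {"subjectAltName": (("DNS", "sumu.name"), ("DNS", "www.sumu.name"))},
}

if __name__ == "__main__":
    host, certs = "ns40.byzland.com", SAMPLE
    if len(sys.argv) > 1:  # live check when a hostname is given as argument
        host, certs = sys.argv[1], {}
        for fam, af in FAMILIES.items():
            try:
                certs[fam] = fetch_cert(host, af)
            except OSError as exc:  # no address of this family, refused, TLS error
                print(f"{fam}: {exc}")
    for fam, (ok, names) in diagnose(host, certs).items():
        print(f"{fam}: {'OK' if ok else 'MISMATCH'} {names}")
```

A family reported as MISMATCH points at the address or virtual host bound to that family rather than at the certificate files themselves.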
