| SYSTEM INFORMATION | |
|---|---|
| OS type and version | Ubuntu Linux 20.04.4 |
| Virtualmin version | 7.1-1 |
a few days ago my ssl certificate expired and was manually renewed, after renewing I noticed that my email domain was still unprotected, I thought it was something temporary but it’s been five days and the problem continues, when I search my domain in the browser the certificate information shows that it has expired, but in virtualmin shows that it’s renewed, does anyone have any idea what it could be?
Could be a browser caching issue. Try using a different browser or device and see if the new certificate is detected or not.
I tried that too, switched browsers, internet and networks, and the problem continues, expired certificate in all browsers, but in virtualmin everything is fine.
it could be some updating problem?
I tried verifying my domain in SSL SHOPPER and the result shows the renewed certificate with no problems.
This strengthens my suspicion that it’s a cache issue tbh. Try checking from a device that you haven’t visit the domain from recently.
It could be very much cache in browser however after cleaning it up you might reboot Apache not server as whole just Apache…then load the page as https and see.
unfortunately no results either, tried cleaning the cache in all my browsers and rebooting apache, and the problem continues, and is not only in my local network, for every access outside still shows certificate expired
Can you share a link to this affected domain?
When you renewed did you include mail.borana.com.br
yes, matter of fact was the only one selected to renewing
Right, so you set the domain as mail.borana.com.br not borana.com.br?
That mail. Link is working fine but uses self signed cert. There is somewhere button which let you copy SSL cert from domain to mail etc… I think it’s on domain SSL tab in bottom.
my bad, my domain is borana.com.br, mail is a virtual host
could you show me the steps to copying the cert from domain to mail, if I’m not asking to much, i’m pretty much a begginer on virtualmin
Select borana.com in the list of Virtual Servers. Go to Server Configuration - SSL Certificate - on the 1st tab (that says Current Certificate), there should be a button at the bottom that says:
Set As Default Services Certificate - Use this SSL certificate as the default in Webmin, Usermin, Dovecot, Postfix and ProFTPD
Hitting that button should set that cert for mail, etc.
HIH
Dibs
done, but the problem still insists, even after cleaning the cache of my browsers and rebooting apache, I wonder if this error on my domain has something to do with it:
Select borana.com in the list of Virtual Servers. Go to Server Configuration - SSL Certificate - on the last tab (that says Let’s Encrypt), what does it say? The hosts?
and in the log - /var/log/letsencrypt/letsencrypt.log - what does it say?
If you are setting an existing cert to the Default one - i wouldn’t expect it to try to renew it\etc.
Cheers
Dibs
just for safety measurements, is it safe to be sharing these kind of information?
Telling us (and the world) what hostnames are in the cert or what entries are in the letsencrypt.log (assuming the log doesn’t hold keys etc, which I hope it shouldn’t)- I can’t see a bad actor doing anything with that info. By all means anonymize it, but not too much that it becomes useless.
From the picture you posted - on the surface of it: web-based validation failed. This you need to figure out what is going on.
Cheers
Dibs
I was wrong before, my domain in reality is mail.borana.com.br, when I try to request a certificate CSR for it using lets encrypt, it results in this error below, it cannot find the key for validation, some kind off directory problem, it could be some problem with mailcow wich is the mail server i’m using, and the nginx?
