When I change the hostname, the original SSL for ._default_hostname naturally becomes invalid. How can I reapply for Let’s Encrypt for the new hostname?
you could use the method built into webmin to do it
webmin->webmin configuration->ssl encryption->lets encrypt
depending how your server is set up you may have to play with the options a bit most likely you will have to use certbot to request the certificate
If you want to reduce tech support from customers whose domain has an issue (say it has expired) and their email client tells them that it is a problem with the server then use the hostname for incoming server and outgoing server in email clients.
To do that the hostname needs a certificate.
There could be other reasons for a hostname needing a certificate but, for me, this is the most practical one.
So: the customer’s domain has expired and he is using our hostname for incoming and outgoing server. The customer calls and says I am not receiving new mail. We respond with, hold one a minute, oh, your domain has expired. Click this link to renew it.
Versus
Customer’s domain has expired and he is using his domain for incoming and outgoing server. The customer calls and says THE EMAIL SOFTWARE SAYS THERE IS A PROBLEM WITH THE SERVER. We respond with oh, your domain has expired. And the customer says BUT IT SAYS HERE CONTACT THE SERVER ADMINISTRATOR AND THAT IS YOU!!
hostname for incoming server and outgoing server in email clients
I always give the clients there domain name for mail address in there settings, like mail.theredomain.com, I’ve never given out the hostname for that job and the client shouldn’t need to know the hostname. But if you do it that way you do need a certificate.
I can’t see hosting services like godaddy giving the hostname of there servers to do there clients mail.
My needs are a bit different from yours: we offer complete VPS solutions and install Virtualmin for our clients. This issue won’t arise if only vhost is provided.
I would like to continue asking for your advice: During the installation process, the entered hostname (e.g., abc.com) is eventually created as a vhost under /home/._default_hostname. To change this hostname, I tried modifying it in Webmin - Network Configuration to the new hostname (e.g., xyz.com), and also changed abc.com to xyz.com in Webmin - Servers - Nginx Webserver. However, when I attempted to update Let’s Encrypt using the method you suggested, it still failed. Could I be missing something?
Is this not like giving a 14 year old the keys to a sports car and saying to them “go and play” a large percentage of clients have no idea on how the linux enviroment works and may apply windows mentality to the situation. That said if your setting up VPS solutions you should be perhaps using cloudmin rather than virtualmin, which allows you to deploy multiple instances of virtualmin ( 1 per client ) then your problem goes away, it’s up to your clients to understand how to use virtualmin.
Your hypothetical statement is completely unrelated to our actual application scenario. Remember, the client’s needs are multifaceted, and without directly addressing them, assumptions are always partial and subjective.
I suspect this means that if a virtualmin configuration check is made, the change in hostname will be detected. It might also be detected when the cert expires.
If you set the setting to Yes, and have it configurable you can navigate to the hostname’s virtual server and perform a manual certificate update.