SSL LetsEncrypt fails due to webmail.domain.tld usermin port 20000 redirection

On Ubuntu 18.04.5 with Webmin (1.973), Virtualmin (6.16.gpl), Usermin (1.823) latest versions upgraded in the last 12 hours we’ve begun hitting an error that we haven’t experienced previously.

Updating module virtual-server to version 6.16.gpl. Latest version of Virtualmin.

Apparently due to Usermin and the webmail module on port 20000 combined with the regular apache web-server redirect from http://webmail.domain.tld to http://domain.tld:20000 and consequently Let’s Encrypt not being able to access it, with:

Domain: webmail.domain.tld
Type:   connection
Detail: Fetching https://domain.tld:20000/: Invalid port in redirect target. Only ports 80 and 443 are supported, not 20000

Hi @Iam-TJ ,

Usermin runs on port 20000 on your main domain without the WWW. In theory thus, all that Let’s Encrypt should care about for is there a SSL certificate on the domain.tld part when it comes to Webmail.domain.tld.

I’ve seen a similar situation whereby in the Apache CONF files where is a virtual domain alias webmail alias record. Now because of that, the Let’s Encrypt script tries to also get a certificate for webmail, but runs into that redirection problem. In my opinion Virtualmin doesn’t need or use HTTPS for webmail so some choices:

  1. Remove from Apache CONF
  2. Don’t use redirection

I have one system whereby I use Roundcube instead on the Webmail address and there I needed the HTTPS for Let’s Encrypt.

There might be better replies too from the community.