SSL Renewals failing - apache proxy bypass?

SYSTEM INFORMATION
OS type and version Ubuntu 22.04.3
Virtualmin version 7.8.2
Webmin version 2.101

I’m very new to Virtualmin, managing this as a volunteer for a non-profit. We stood up 6 total virtual servers, mostly running apps, not websites. One of those is the parent virtualmin virtual server.
Recently noticed certificate renewals were not working. Managed to get DNS manual renewal done this morning on the pressing ones. I can’t do the provider’s one via DNS because I don’t own their domain, and I don’t want to leave any of these on a manual DNS process, so I’d like to work through the apache configuration needed to bypass the certbot requests through our https redirects. I don’t seem to be able to find the right search terms online.

Doing a certbot renew dry run right now yields this output.
Processing /etc/letsencrypt/renewal/chat.lpnc.org.conf
Account registered.
Simulating renewal of an existing certificate for chat.lpnc.org

Certbot failed to authenticate some domains (authenticator: webroot). The Certificate Authority reported these problems:
Domain: chat.lpnc.org
Type: unauthorized
Detail: 216.249.103.13: Invalid response from Mattermost 500

Hint: The Certificate Authority failed to download the temporary challenge files created by Certbot. Ensure that the listed domains serve their content from the provided --webroot-path/-w and that files created there can be downloaded from the internet.

We redirect everything on this particular virtual server to the app port it runs on, so I think we need to bypass the requests specific to certbot. Anyone know the terminology or syntax to do so?

Looks like I would want to prevent any URL that includes this from getting redirected to the app’s port:
.well-known/acme-challenge/

You likely have ProxyPass rules in place (rather than a redirect). You need to exclude .well-known from the match. Usually it’s as simple as putting something like this in front of the ProxyPass rule(s).

ProxyPass /.well-known !

Which says anything with a URL starting with /.well-known is excluded from proxying.

If you actually are redirecting (and not proxying), that would be similar, but for Redirect or RedirectMatch directives instead of Proxy directives.
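To put the two pieces of advice above together, here is a complete Apache virtual host for a proxied app that still lets HTTP-01 challenges through. This is an added example, not configuration from the original thread or from Virtualmin; it assumes the app listens on 127.0.0.1:8065 (Mattermost's default, substitute your own), that certbot's --webroot-path is /var/www/html, and that the certificate lives under the /etc/letsencrypt/live/ path certbot creates for the domain.

```apache
# Added example (not from the original post). Assumed values: app on
# 127.0.0.1:8065, certbot webroot /var/www/html, certbot's default cert paths.

<VirtualHost *:80>
    ServerName chat.lpnc.org
    DocumentRoot /var/www/html

    # Serve the challenge files straight from disk. The "!" exclusion must
    # come before any catch-all ProxyPass, because ProxyPass rules are
    # evaluated in configuration order and the first match wins.
    ProxyPass /.well-known/acme-challenge/ !
    <Directory /var/www/html/.well-known/acme-challenge>
        Require all granted
    </Directory>

    # Redirect everything else to HTTPS. A plain "Redirect / https://..."
    # would also swallow the challenge URL, so use RedirectMatch with a
    # negative lookahead that leaves /.well-known/acme-challenge/ alone.
    RedirectMatch permanent ^(?!/\.well-known/acme-challenge/)(.*)$ https://chat.lpnc.org$1
</VirtualHost>

<VirtualHost *:443>
    ServerName chat.lpnc.org
    DocumentRoot /var/www/html

    SSLEngine on
    SSLCertificateFile    /etc/letsencrypt/live/chat.lpnc.org/fullchain.pem
    SSLCertificateKeyFile /etc/letsencrypt/live/chat.lpnc.org/privkey.pem

    # Let's Encrypt follows the HTTP->HTTPS redirect, so the HTTPS side
    # needs the same exclusion ahead of the catch-all proxy rule.
    ProxyPreserveHost On
    ProxyPass /.well-known/acme-challenge/ !
    <Directory /var/www/html/.well-known/acme-challenge>
        Require all granted
    </Directory>

    # Everything else goes to the app.
    ProxyPass        / http://127.0.0.1:8065/
    ProxyPassReverse / http://127.0.0.1:8065/
</VirtualHost>
```

After editing, run `apachectl configtest` and reload Apache, then prove the path is really open before asking the CA again: drop a file at /var/www/html/.well-known/acme-challenge/test and confirm `curl -i http://chat.lpnc.org/.well-known/acme-challenge/test` and the https equivalent both return 200 with the file's contents rather than the app's response. Only then rerun `certbot renew --dry-run`. Remove the test file afterwards; the directory is world-readable by design, so nothing else should live in it.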
