Here is the letsencrypt.log
2024-10-09 13:19:32,284:DEBUG:certbot._internal.main:certbot version: 1.22.0
2024-10-09 13:19:32,285:DEBUG:certbot._internal.main:Location of certbot entry point: /bin/letsencrypt
2024-10-09 13:19:32,285:DEBUG:certbot._internal.main:Arguments: [‘-a’, ‘webroot’, ‘-d’, ‘webmail.preflooring.com’, ‘-d’, ‘mail.preflooring.com’, ‘-d’, ‘autoconfig.preflooring.com’, ‘-d’, ‘autodiscover.preflooring.com’, ‘–webroot-path’, ‘/home/preflooring/public_html’, ‘–duplicate’, ‘–force-renewal’, ‘–non-interactive’, ‘–agree-tos’, ‘–config’, ‘/tmp/.webmin/933008_3176651_4_collectinfo.pl’, ‘–rsa-key-size’, ‘2048’, ‘–cert-name’, ‘webmail.preflooring.com’, ‘–reuse-key’]
2024-10-09 13:19:32,286:DEBUG:certbot._internal.main:Discovered plugins: PluginsRegistry(PluginEntryPoint#manual,PluginEntryPoint#null,PluginEntryPoint#standalone,PluginEntryPoint#webroot)
2024-10-09 13:19:32,336:DEBUG:certbot._internal.log:Root logging level set at 30
2024-10-09 13:19:32,338:DEBUG:certbot._internal.plugins.selection:Requested authenticator webroot and installer None
2024-10-09 13:19:32,342:DEBUG:certbot._internal.plugins.selection:Single candidate plugin: * webroot
Description: Place files in webroot directory
Interfaces: Authenticator, Plugin
Entry point: webroot = certbot._internal.plugins.webroot:Authenticator
Initialized: <certbot._internal.plugins.webroot.Authenticator object at 0x7fc422f7ed68>
Prep: True
2024-10-09 13:19:32,343:DEBUG:certbot._internal.plugins.selection:Selected authenticator <certbot._internal.plugins.webroot.Authenticator object at 0x7fc422f7ed68> and installer None
2024-10-09 13:19:32,343:INFO:certbot._internal.plugins.selection:Plugins selected: Authenticator webroot, Installer None
2024-10-09 13:19:32,358:DEBUG:certbot._internal.main:Picked account: <Account(RegistrationResource(body=Registration(key=None, contact=(), agreement=None, status=None, terms_of_service_agreed=None, only_return_existing=None, external_account_binding=None), uri=‘https://acme-v02.api.letsencrypt.org/acme/acct/96937123’, new_authzr_uri=None, terms_of_service=None), 3fcd6fbbb302cd9297c891639737c80d, Meta(creation_dt=datetime.datetime(2020, 9, 17, 21, 49, 31, tzinfo=), creation_host=‘mars.ew3d.com’, register_to_eff=None))>
2024-10-09 13:19:32,359:DEBUG:acme.client:Sending GET request to https://acme-v02.api.letsencrypt.org/directory.
2024-10-09 13:19:32,361:DEBUG:urllib3.connectionpool:Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org:443
2024-10-09 13:19:32,479:DEBUG:certbot._internal.log:Exiting abnormally:
Traceback (most recent call last):
File “/usr/lib/python3.6/site-packages/urllib3/connectionpool.py”, line 601, in urlopen
chunked=chunked)
File “/usr/lib/python3.6/site-packages/urllib3/connectionpool.py”, line 344, in _make_request
self._validate_conn(conn)
File “/usr/lib/python3.6/site-packages/urllib3/connectionpool.py”, line 844, in validate_conn
conn.connect()
File “/usr/lib/python3.6/site-packages/urllib3/connection.py”, line 358, in connect
ssl_context=context)
File "/usr/lib/python3.6/site-packages/urllib3/util/ssl.py", line 354, in ssl_wrap_socket
return context.wrap_socket(sock, server_hostname=server_hostname)
File “/usr/lib64/python3.6/ssl.py”, line 365, in wrap_socket
_context=self, _session=session)
File “/usr/lib64/python3.6/ssl.py”, line 810, in init
self.do_handshake()
File “/usr/lib64/python3.6/ssl.py”, line 1070, in do_handshake
self._sslobj.do_handshake()
File “/usr/lib64/python3.6/ssl.py”, line 648, in do_handshake
self._sslobj.do_handshake()
ssl.SSLError: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:897)
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File “/usr/lib/python3.6/site-packages/requests/adapters.py”, line 449, in send
timeout=timeout
File “/usr/lib/python3.6/site-packages/urllib3/connectionpool.py”, line 639, in urlopen
_stacktrace=sys.exc_info()[2])
File “/usr/lib/python3.6/site-packages/urllib3/util/retry.py”, line 399, in increment
raise MaxRetryError(_pool, url, error or ResponseError(cause))
urllib3.exceptions.MaxRetryError: HTTPSConnectionPool(host=‘acme-v02.api.letsencrypt.org’, port=443): Max retries exceeded with url: /directory (Caused by SSLError(SSLError(1, ‘[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:897)’),))
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File “/bin/letsencrypt”, line 11, in
load_entry_point(‘certbot==1.22.0’, ‘console_scripts’, ‘certbot’)()
File “/usr/lib/python3.6/site-packages/certbot/main.py”, line 19, in main
return internal_main.main(cli_args)
File “/usr/lib/python3.6/site-packages/certbot/_internal/main.py”, line 1632, in main
return config.func(config, plugins)
File “/usr/lib/python3.6/site-packages/certbot/_internal/main.py”, line 1473, in certonly
le_client = _init_le_client(config, auth, installer)
File “/usr/lib/python3.6/site-packages/certbot/_internal/main.py”, line 793, in _init_le_client
return client.Client(config, acc, authenticator, installer, acme=acme)
File “/usr/lib/python3.6/site-packages/certbot/_internal/client.py”, line 294, in init
acme = acme_from_config_key(config, self.account.key, self.account.regr)
File “/usr/lib/python3.6/site-packages/certbot/_internal/client.py”, line 59, in acme_from_config_key
client = acme_client.BackwardsCompatibleClientV2(net, key, config.server)
File “/usr/lib/python3.6/site-packages/acme/client.py”, line 875, in init
directory = messages.Directory.from_json(net.get(server).json())
File “/usr/lib/python3.6/site-packages/acme/client.py”, line 1236, in get
self._send_request(‘GET’, url, **kwargs), content_type=content_type)
File “/usr/lib/python3.6/site-packages/acme/client.py”, line 1174, in _send_request
response = self.session.request(method, url, *args, **kwargs)
File “/usr/lib/python3.6/site-packages/requests/sessions.py”, line 535, in request
resp = self.send(prep, **send_kwargs)
File “/usr/lib/python3.6/site-packages/requests/sessions.py”, line 648, in send
r = adapter.send(request, **kwargs)
File “/usr/lib/python3.6/site-packages/requests/adapters.py”, line 514, in send
raise SSLError(e, request=request)
requests.exceptions.SSLError: HTTPSConnectionPool(host=‘acme-v02.api.letsencrypt.org’, port=443): Max retries exceeded with url: /directory (Caused by SSLError(SSLError(1, ‘[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:897)’),))
2024-10-09 13:19:32,482:ERROR:certbot._internal.log:An unexpected error occurred:
2024-10-09 13:19:32,483:ERROR:certbot._internal.log:requests.exceptions.SSLError: HTTPSConnectionPool(host=‘acme-v02.api.letsencrypt.org’, port=443): Max retries exceeded with url: /directory (Caused by SSLError(SSLError(1, ‘[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:897)’),))
I run my own nameservers. They are functioning properly.
What I cannot do is create a cert for mars.ew3d.com which is the hostname for this system. Each way I try is blocked by Virtualmin/Webmin. I had in the past been using Virtualmin which had an entry for mars.ew3d.com. I was trying to fix this to conform to Virtualmin 7.2 when I hit this issue.
I have tried each of the options in the Webmin config SSL area and none function. At the moment, I have it pointed to one of the mailserver alternative certs, or mail3.ew3d.com which does not have mars.ew3d.com included within that cert.
I think this issue is due to no cert for mars.ew3d.com. But I can’t find a method within Virtualmin nor Webmin to create one.