Unable to Switch SSL Certificate into Elliptic Curve

Virtualmin
1
SYSTEM INFORMATION
OS type and version Rocky Linux v9.2
Webmin version 2.101
Virtualmin version 7.7
Related packages Let’s Encrypt

I received this message when trying to switch SSL certificate from RSA to Elliptic Curve:
Unable to change the --key-type of this certificate because --reuse-key is set. To stop reusing the private key, specify --no-reuse-key. To change the private key this one time and then reuse it in future, add --new-key

On creating a new virtual server, The SSL Certificate successfully requested, But can’t switch to Elliptic Curve, I tried to make the Elliptic Curve is the default for new Virtual Servers, from [Virtualmin > System Settings > Virtualmin Configuration > SSL Settings] and I deleted the Virtual Server and Re-Create it, But the SSL Certificate Request still RSA, I removed the Virtualmin Cache, But nothing help.

SSL Default Settings

Virtualmin-SSL-Default
Virtualmin-SSL-Default1112×589 103 KB

On Creating Virual Server - Succeeded

Requesting a certificate for DOMAIN.com, www.DOMAIN.com, mail.DOMAIN.com, admin.DOMAIN.com, webmail.DOMAIN.com from Let’s Encrypt …
… request was successful!

On Switch to Elliptic Curve Certificate - FAILED

Requesting a certificate for DOMAIN.com, www.DOMAIN.com, mail.DOMAIN.com, admin.DOMAIN.com, webmail.DOMAIN.com from Let’s Encrypt …
… request failed : Web-based validation failed :

Saving debug log to /var/log/letsencrypt/letsencrypt.log
Renewing an existing certificate for DOMAIN.com and 4 more domains

Unable to change the --key-type of this certificate because --reuse-key is set. To stop reusing the private key, specify --no-reuse-key. To change the private key this one time and then reuse it in future, add --new-key.

Ask for help or search for solutions at https://community.letsencrypt.org. See the logfile /var/log/letsencrypt/letsencrypt.log or re-run Certbot with -v for more details.

2

Hello,

Thanks a lot for the heads up! @Jamie, we indeed had a bug there. The fixes are here:

1 Like
3

WoW, Thanks,

Should I modify it in my Webmin files or wait for the next version?

4

It’s up to you.

5

When will you release the next version?

6

When it’s released, you will see it in the news, i.e.:

7

Many Thanks :slight_smile:

8

Thanks Ilia for the fix! Since this only happens when changing the default key type, I think it can wait till the next release (version 7.9).

9

Hope to not wait months for 7.9 :slight_smile:

10

I wouldn’t mind! But I’d prefer to put it to 7.8.1 instead, if possible.

1 Like
11

Sorry for the delay, I didn’t realize it,
No it failed before change the default type, I have changed the default to try to fix it but it failed also.

Thanks

12

You could apply the patches from the links above, restart Webmin and try again – it should work then.

13

Still on vmin 7.7 and webmin 2.101, I know about webmin modules but don’t know how to update vmin

14

Do you mean you don’t know how to edit the source code?

15

No :grinning: Upgrading from 7.7 to 7.8 manually, I’m waiting to appear in the webmin GUI (update packages).

But know about upgrading webmin from Webmin Modules

Thanks

16

You won’t miss it, you should see updates in the GUI almost every week.

1 Like
17

This topic was automatically closed 8 days after the last reply. New replies are no longer allowed.