I used Virtualmin v. 6.02 to generate Let’s Encrypt SSL certificate successfully:
Server Configuration - Manage SSL Certifikate - Let’s Encrypt - Request certificate
(Monthts between automatical renewal: 2)
After 60 days, Certbot auto-updated SSL certificates successfully.
New certificates are stored in:
/etc/letsencrypt/live/MYDOMAIN/cert.pem (symlink to /etc/letsencrypt/archive/MYDOMAIN/cert2.pem)
/etc/letsencrypt/live/MYDOMAIN/privkey.pem (symlink to /etc/letsencrypt/archive/MYDOMAIN/privkey2.pem)
But updated certificates are not used by apache or virtualmin.
Virtualmin created his own copies of certificates in:
/home/MYDOMAIN/ssl.cert
/home/MYDOMAIN/ssl.key
, which contains old versions of certicates.
Can I get Virtualmin to use automatically the current version of the certificate?
I saw some very complicated procedure below to enable Let’s Encrypt certificates. But is there some easier method? Without need to create manually “extra long” crontab record for each secured domain separately?
Great post. Can you kindly give steps you took to ensure that auto renewal works. In my case auto renewal is not working.
What are the commands or steps you took to make it work? Kindly advise
then install certbot by SSH
sudo apt-get install python-certbot-apache -t stretch-backports
sudo certbot --apache
(I didn’t activated SSL now for any domain).
Then I connected Certbot and Virtualmin:
Webmin - Webmin configuration - cog icon - Full path to Let’s Encrypt client command: /usr/bin/certbot
(I needed first to find certbot location, it deffers for each system).
Then I activated SSL for some domain through Virtualmin:
Virtualmin - Edit virtual server - Enabled features - Apache SSL website enabled: check. Save virtual server
Everything worked fine untill auto update. Then I found that Virtualmin uses it’s own copy of generated certificate and doesn’t update the copy after certbot auto-update.
Hello user unborn. Thank you for your reply.
Can you please suggest a solution to the issue of why virtumin copies the certificate to a different location than /etc/letsencrypt/live/* and why does it not update the certificate after automatic update?
I do not have an XMPP client installed now and I think it would be useful information for other forum readers as well. Thanks a lot!
Hello user unborn. Thank you for your reply. Can you please suggest a solution to the issue of why virtumin copies the certificate to a different location than /etc/letsencrypt/live/* and why does it not update the certificate after automatic update? I do not have an XMPP client installed now and I think it would be useful information for other forum readers as well. Thanks a lot!
Hi Safael, well first of all I repeat - I run debian which is not centos and I have no glue if you running centos or anything else. regards the issues I would look at /var/logs and read the logs regards your error. - then I would go from there. Also note please that virtualmin have nice irc live chat with capable folks there, no xmpp need it…just feel free to chat at any time at #virtualmin on freenode.net.
Thank you for your help. OS is Debian 9 Stretch (mentioned above). I tried to reach you at freenode, but maybe we have different time zones (mine is CET, Prague). I’ll try again later. Thanks