webmin on Ubuntu 14.04 LTS renewed Lets Encrypt certificate
on legacy website with “certbot-auto”
Hello,
I used the built-in Let’s Encrypt client to servce certificates for a Debian 8 installation utilizing nginx hosting several websites.
Renewal do not work anymore since this update and I tried to install certbot.
- I installed certbot from the jessie backports which comes with certbot version 0.10.2 which results in the renewal claiming about acme v1. This was expected as >0.28 is needed as far as I know.
- I de-installed certbot and tried to certbot-auto as suggested on https://certbot.eff.org/lets-encrypt/debianjessie-nginx (I’m not quite sure about the step 4 there, as I suspect this to write differend certificates in other directories or azeven requesting a single certificat for all of the 33 listed (sub-)domains listed while using sudo /usr/local/bin/certbot-auto certonly --nginx).
However this option does not lead to virtualimin recognizing certbot.
So, the questions are:
- Does anyone know an option to update certbot on Debian 8 jessie to a current version? I do not find anything.
- Is virtualmin able to handle the certbot-auto option?
Thanks all in advance and best regards
Christian
Yes, upcoming Webmin 1.941 will fix this issue for older distros.
Yes, certbot-auto should work. You don’t need the apache or nginx version; Virtualmin will use the standalone mode (I don’t remember if they’re packaged separately with the cert-bot auto install script…they are with the RPM/deb versions). You don’t need to run the commands yourself or setup scheduled renewals or whatever. Virtualmin will do it (assuming it finds the right certbot installation).
I tried this yesterday with no success. I will try again as soon as possible.
Thanks for the reply!
CentOS 7.7.1908 + Webmin 1.940 + Cerbot 1.0.0-1.el7
Cerbot stop working with these errors :
An error occurred requesting a new certificate for dev-applimeildev.virage-com.fr from Let's Encrypt : Web-based validation failed : <pre>An unexpected error occurred:
AttributeError: 'module' object has no attribute 'TLSSNI01'
Please see the logfile '/tmp/tmp23asXS/log' for more details.
</pre>
DNS-based validation failed : <pre>An unexpected error occurred:
AttributeError: 'module' object has no attribute 'TLSSNI01'
Please see the logfile '/tmp/tmpJC1Qt3/log' for more details.
</pre>
In log file :
2020-01-09 20:23:15,165:DEBUG:certbot._internal.log:Exiting abnormally:
Traceback (most recent call last):
File "/bin/letsencrypt", line 9, in <module>
load_entry_point('certbot==1.0.0', 'console_scripts', 'certbot')()
File "/usr/lib/python2.7/site-packages/certbot/main.py", line 14, in main
return internal_main.main(cli_args)
File "/usr/lib/python2.7/site-packages/certbot/_internal/main.py", line 1320, in main
plugins = plugins_disco.PluginsRegistry.find_all()
File "/usr/lib/python2.7/site-packages/certbot/_internal/plugins/disco.py", line 208, in find_all
plugin_ep = PluginEntryPoint(entry_point)
File "/usr/lib/python2.7/site-packages/certbot/_internal/plugins/disco.py", line 50, in __init__
self.plugin_cls = entry_point.load()
File "/usr/lib/python2.7/site-packages/pkg_resources.py", line 2260, in load
entry = __import__(self.module_name, globals(),globals(), ['__name__'])
File "build/bdist.linux-x86_64/egg/certbot_apache/entrypoint.py", line 4, in <module>
File "build/bdist.linux-x86_64/egg/certbot_apache/configurator.py", line 32, in <module>
File "build/bdist.linux-x86_64/egg/certbot_apache/http_01.py", line 13, in <module>
File "/usr/lib/python2.7/site-packages/certbot/plugins/common.py", line 445, in __getattr__
return getattr(self._module, attr)
AttributeError: 'module' object has no attribute 'TLSSNI01'
2020-01-09 20:23:15,165:ERROR:certbot._internal.log:An unexpected error occurred:
Something going wrong…
Hello Joe,
I finally found time to try this again.
certbot-auto is now installed as described at https://certbot.eff.org/lets-encrypt/debianjessie-other including step 1-3 and executed “sudo /usr/local/bin/certbot-auto certonly --webroot” from step 4 once without entering domains at all.
I tried to run certbot-auto and was able to select nginx and all of my domains were listed.
Nevertheless, Virtualmin 6.08 (Webmin 1.940) claims " The Let’s Encrypt client command letsencrypt or certbot was not found on your system".
Any ideas on that? There seems to be no setting to enter the path to certbot-auto…
Ilia mentioned Webmin 1.941 to fix this. What does this mean and when is this planned?
With only a few days left for the first certificates to expire I’m getting a little bit nervous 
Thanks in advance and best regards
Christian
You don’t want to run certbot-auto for your specific web server. It’ll try to insert configuration that Virtualmin is already managing (and maybe break it).
I don’t know why it wouldn’t be detected. It’s supposed to find certbot-auto if it’s somewhere on the path, but you can set the path explicitly in Webmin Configuration->Configuration (click the gear in the left corner of the right frame).
1 Like
Thanks, Joe! The path was set and not set to “Find automatically”. I was able to renew the certificates! 
Strangely I did not remember this setting. And search within webmin did not come up with a result:
“Searching for certbot . . . . found 0 results :
No Webmin modules or pages matching certbot were found.”
But, however, THANKS!
But when webmin 1.941 will be coming !!!
I have a hug problem, i must need to let’s encrypt
can I downgrade with any problem???
Tahnks
Webmin 1.941 was released to devel repos. Simply run this command to grab and update it:
yum update http://download.webmin.com/devel/rpm/webmin-1.941-1.noarch.rpm
Thank you!
I have centos6.10, this update work on it
is there also for debian 8?
if not, how can I downgrade from debian 8?
edit:
http://download.webmin.com/devel/deb/
I have found this, could I try to update with _all?
I have found this, could I try to update with _all?
Yes, you can do it.
there is a problem: during the installation (dpkg -i deb_all) after unpackage and during “Setting up”, server lost connection and now I dont have “webmin” at all
log:
2020-01-15 14:24:55 upgrade webmin:all 1.940-2 1.941
2020-01-15 14:24:55 status half-configured webmin:all 1.940-2
2020-01-15 14:24:55 status unpacked webmin:all 1.940-2
2020-01-15 14:24:55 status half-installed webmin:all 1.940-2
2020-01-15 14:27:34 status triggers-pending systemd:amd64 215-17+deb8u13
2020-01-15 14:27:50 status half-installed webmin:all 1.940-2
2020-01-15 14:27:50 status unpacked webmin:all 1.941
2020-01-15 14:27:51 status unpacked webmin:all 1.941
2020-01-15 14:27:51 configure webmin:all 1.941 1.941
2020-01-15 14:27:51 status unpacked webmin:all 1.941
2020-01-15 14:27:51 status unpacked webmin:all 1.941
2020-01-15 14:27:51 status unpacked webmin:all 1.941
2020-01-15 14:27:51 status half-configured webmin:all 1.941
then stopped
Now I have
Webmin version 1.941
but I dont have webmin package
However, now let’s encrypt works
should I update also usermin? (“summary” tells me that is outdated)
edit:
I installed usermin and worked. Should I install also usermin-webmail_1.790_all.deb?
I dont have this package
for now I have installed a certificate and worked
Should I install also usermin-webmail_1.790_all.deb?
No!
Nice, lucky me that didnt do it 
However why not? Is only for whom had some email stuff?