As of yesterday I keep getting 2 messages from my servers regarding the Let’s Encrypt DNS records for my servers. Only for the virtualmin-domain. NOT for all other sites/domains hosted on my server.
First message:
Subject “Webmin action in Webmin Configuration by : Removed Let’s Encrypt DNS record for www.myserver.hostname.tld”
body:
This email was sent by Webmin in response to a user action.
Webmin module: webmin
Module title: Webmin Configuration
Action performed at: 07/29/2023 10:23 AM
Performed on system: hostname
Performed by user:
Client address:
Webmin script: letsencrypt-cleanup.pl
That means that domain validates its Let’s Encrypt certificate via DNS (or it’s trying to).
If you didn’t do it on purpose, it means there’s a misconfiguration somewhere that’s not allowing web validation to work. Web validation is the default, and usually best, way to validate a Let’s Encrypt certificate (best, because there are usually fewer moving parts, and thus fewer things that can go wrong…and it doesn’t involve DNS, other than there being A records for all the names being requested).
The other possibility is you have a wildcard cert on this domain, in which case only DNS validation can work.
Assuming your Virtualmin server is authoritative for that zone, and you have a working secondary, or you are using one of Virtualmin’s supported cloud DNS providers, DNS validation is fine. (But, again, if this isn’t a wildcard, I’d probably try to fix web validation.)
Correct! Thanks!
The domains associated field for “myhost.mydomain.tld” listed 2 FQDNs: myhost.mydomain.tld and www.myhost.mydomain.tld. I’ve removed the www-part & it’s good again.
… I should have been able to figure that out myself too…
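An added example, not part of the thread and not Virtualmin's own code: a preflight check that classifies each name on a certificate request by whether web validation can work for it, following the points made above (every name needs an address record, and wildcards can only be validated via DNS). The function names, status labels and sample addresses are constructed for illustration, and the sample assumes the www name had no address record, which the thread does not confirm.

```python
import socket

def resolve_system(name):
    """Return the addresses the system resolver gives for name (empty set if none)."""
    try:
        infos = socket.getaddrinfo(name, 80, proto=socket.IPPROTO_TCP)
    except socket.gaierror:
        return set()
    return {info[4][0] for info in infos}

def preflight(names, server_ips, resolve=resolve_system):
    """Classify each requested certificate name by whether web validation can work."""
    report = {}
    for name in names:
        if name.startswith("*."):
            report[name] = "dns-only"          # wildcard: only DNS validation can work
            continue
        addrs = resolve(name)
        if not addrs:
            report[name] = "no-address"        # no A/AAAA record for this name
        elif addrs & set(server_ips):
            report[name] = "web-ok"            # resolves to this server
        else:
            report[name] = "points-elsewhere"  # resolves, but to another host
    return report

def web_validation_possible(report):
    """True only if every requested name can be validated over the web."""
    return all(status == "web-ok" for status in report.values())

# Constructed sample data (documentation address ranges, hypothetical zone contents).
SAMPLE_ZONE = {
    "myhost.mydomain.tld": {"203.0.113.10"},
    "old.mydomain.tld": {"198.51.100.7"},
}
SAMPLE_SERVER_IPS = {"203.0.113.10"}

def sample_resolve(name):
    """Offline stand-in for DNS, backed by SAMPLE_ZONE."""
    return SAMPLE_ZONE.get(name, set())

if __name__ == "__main__":
    names = ["myhost.mydomain.tld", "www.myhost.mydomain.tld"]
    for name, status in preflight(names, SAMPLE_SERVER_IPS, sample_resolve).items():
        print(f"{name}: {status}")
```

Called without the `resolve` argument, `preflight` uses the system resolver, so it can be run on the server itself against the real list of names and the server's own addresses.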