CentOS Linux 7.7.1908
Apache 2.4.6
Virtualmin GPL
DNS is managed by Vmin/Bind
Default Let’s Encrypt module
My first attempt at requesting a (wildcard) SSL cert for
*.mydomain.com
mydomain.com
errored with … DNS-based validation failed… and a demand that certbot be installed. I installed it and on the next attempt all hell broke loose:
...
Undefined subroutine &main::restart_zone called at /usr/libexec/webmin/webmin/letsencrypt-dns.pl line 47.
...
Undefined subroutine &main::restart_zone called at /usr/libexec/webmin/webmin/letsencrypt-cleanup.pl line 38.
...
I corrected these two files with the github resolution at https://github.com/webmin/webmin/commit/771be1a754fafa02abb5d5670f3ba4a6e94f30c4
restarted Webmin with ‘service webmin restart’ and now get the following error:
… request failed : Web-based validation failed : Wildcard hostname *.mydomain.com can only be validated in DNS mode DNS-based validation failed :
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator manual, Installer None
Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org
Obtaining a new certificate
Performing the following challenges:
dns-01 challenge for mydomain.com
dns-01 challenge for mydomain.com
Running manual-auth-hook command: /etc/webmin/webmin/letsencrypt-dns.pl
manual-auth-hook command “/etc/webmin/webmin/letsencrypt-dns.pl” returned error code 13
Error output from manual-auth-hook command letsencrypt-dns.pl:
Failed to run /usr/libexec/webmin/webmin/letsencrypt-dns.pl : Permission denied at /etc/webmin/webmin/letsencrypt-dns.pl line 12.
Running manual-auth-hook command: /etc/webmin/webmin/letsencrypt-dns.pl
manual-auth-hook command “/etc/webmin/webmin/letsencrypt-dns.pl” returned error code 13
Error output from manual-auth-hook command letsencrypt-dns.pl:
Failed to run /usr/libexec/webmin/webmin/letsencrypt-dns.pl : Permission denied at /etc/webmin/webmin/letsencrypt-dns.pl line 12.
Waiting for verification…
Challenge failed for domain mydomain.com
Challenge failed for domain mydomain.com
dns-01 challenge for mydomain.com
dns-01 challenge for mydomain.com
Cleaning up challenges
Running manual-cleanup-hook command: /etc/webmin/webmin/letsencrypt-cleanup.pl
manual-cleanup-hook command “/etc/webmin/webmin/letsencrypt-cleanup.pl” returned error code 13
Error output from manual-cleanup-hook command letsencrypt-cleanup.pl:
Failed to run /usr/libexec/webmin/webmin/letsencrypt-cleanup.pl : Permission denied at /etc/webmin/webmin/letsencrypt-cleanup.pl line 12.
Running manual-cleanup-hook command: /etc/webmin/webmin/letsencrypt-cleanup.pl
manual-cleanup-hook command “/etc/webmin/webmin/letsencrypt-cleanup.pl” returned error code 13
Error output from manual-cleanup-hook command letsencrypt-cleanup.pl:
Failed to run /usr/libexec/webmin/webmin/letsencrypt-cleanup.pl : Permission denied at /etc/webmin/webmin/letsencrypt-cleanup.pl line 12.
Some challenges have failed.
IMPORTANT NOTES:
-
The following errors were reported by the server:
Domain: mydomain.com
Type: dns
Detail: DNS problem: NXDOMAIN looking up TXT for
_acme-challenge.mydomain.comDomain: mydomain.com
Type: dns
Detail: DNS problem: NXDOMAIN looking up TXT for
_acme-challenge.mydomain.com
I have owner/group as root:root and permissions as 755 for
/etc/webmin/webmin/letsencrypt-cleanup.pl
/etc/webmin/webmin/letsencrypt-dns.pl
I am logged in to Vmin as root when I generate the cert