Wildcart SSL is not working

i have a domain.com on DA server and i have created A record and point my Virtualmin server with it
now i have create a wildcard certificate on DA server like *.domain.com
create in virtualmin download.domain.com
when i try to past server in cirtualmin its says something like wrong password even i have not set any password during ceritifcate creation it might be due to different file type can you please guide me how i can resolve it

centos7 REQUIRED
Virtualmin 2.001 REQUIRED

We always need to see the errors you get in situations like this.

But, if I’m reading you correctly, it sounds like Virtualmin is not managing your DNS. You cannot get a wildcard certificate without DNS validation, and for Virtualmin to use DNS validation it has to be managing your DNS because it has to be able to create the TXT record with the validation key Let’s Encrypt sends when requesting a wildcard.

Wildcards cannot be validated with web validation (so creating an A record does nothing useful), it has to be validated via DNS. This is not a Virtualmin thing…it’s the way Let’s Encrypt works.

I recommend you not use wildcards, as they have several worrying security implications in addition to being harder to validate.

But, if you must use wildcards, you have to do it in a way that allows DNS records to be created. So, either you use the command line client with the correct configuration for whatever provider is hosting your DNS, or you make the Virtualmin server and it’s secondary DNS server the authoritative servers for your zone.

Oops… wrong thread.

You misunderstood me
I have generated certificate on another server which is directadmin then copy my key and certificate to virtualmin its wildcard ssl
But i am getting issue while uploading key and certificate its says wrong password etc even i have not set any password when i contact with directadmin they said it can be due to different file type maybe supported by virtualmin

I have wildcard ssl i want to use in virtualmin

If you use Virtualmin to generate a free SSL certificate from Let’s Encrypt, like most of us here do, then all you will need to do it click on a button under Virtualmin → Server Configuration → SSL Certificate and Virtualmin will generate a SSL certificate from Let’s Encrypt and also renew it automatically every three months.

If you have a SSL certificate at hand and Virtualmin asks you for a password in order to be able to apply it to a virtual server, then you need to supply the correct password to proceed. You may not have knowingly set a password but there are very few of us who understand how the Public Key Infrastructure works deeply enough to know when passwords are required and when they are randomly created in the background and applied on our behalf.

If you are using Virtualmin, you could either supply the correct password or let Virtualmin generate a certificate for you from Let’s Encrypt.

i have resolved issue, virtualmin doesn’t support Ecliptic Curve certs

That seems unlikely. I’ll check with Jamie and we’ll fix it if that’s so, but if that’s the problem, I suspect it’s because your OS is so old rather than Virtualmin making decisions about it.

Virtualmin shouldn’t care if a cert is using EC or not, at least when it is applied to Apache.

Or do you mean that Virtualmin’s own UI on port 10000 doesn’t support EC?

This topic was automatically closed 8 days after the last reply. New replies are no longer allowed.