0

I've a dedicated server on which I use Webmin/Virtualmin. SSL is done through Let's Encrypt and renewal via a CRON job. When I open VirtualMin, I've always a message saying

Some virtual servers' SSL certificates have expired

and when I look at the detail I see "Expiry date= Feb 3 18:34:14 2021 GMT" which is wrong. Renewal has been done correctly, site is running in https and Firefox tell me the certificate will expire on 10 of June 2021 (which is the correct information).

Even if it's only a message, having correct information would be better. I tried to refresh Virtualmin, without any success. Any idea?

Improve this question
4
  • The phrasing of "Some virtual servers' ..." implies (to me) that it has scanned more than one virtual server. You mention one expiration date. Is it possible that there is a different certificate that has expired? Commented May 17, 2021 at 15:03
  • In fact there is only one server (actually) and I've set only one certificate. What is strange is that I've Let's Encrypt certificate for a long time, in fact many months before the date Virtualmin claim to be the expiration date... Commented May 17, 2021 at 15:50
  • Is Feb 3rd the previous expiration date? It seems hard to believe that Virtualmin would make up a certificate or date. Just trying to piece things together here. Commented May 17, 2021 at 15:55
  • 1
    In searching around, I found perl virtualmin-get-domains-ssl-status.pl at forum.virtualmin.com/t/…; does it provide anything useful? Also interesting is forum.virtualmin.com/t/… Commented May 17, 2021 at 16:06

1 Answer 1

Reset to default
1

First thanks a lot to Jeff! I've not found how to solve but I understand what's happening.

Virtualmin wants to have the certificates located in the virtual server "home" folder. So if my virtual server name is "my_server", Virtualmin search the files in home/my_server/. And in fact at this location, I have certificates files (ssl.cert, ssl.key...) but they are old ones (from February).

But when renewal occur, Let's Encrypt put the files in his own directory, at "etc/letsencrypt/live/domaine_name/"

I don't know if the location has changed in February or if a symlink has been broken. But when I visit my Website with a browser, Apache use the keys in etc/letsencrypt/live/domaine_name/ while Virtualmin continue searching for the files in the virtual server folder, where he found old keys.

Here are some details: https://github.com/virtualmin/virtualmin-gpl/issues/20

Edit: I've made symlink like this:

ln -s /etc/letsencrypt/live/my_domaine/cert.pem ssl.cert

ln -s /etc/letsencrypt/live/my_domaine/cert.pem ssl.combined

ln -s /etc/letsencrypt/live/my_domaine/privkey.pem ssl.key

ln -s /etc/letsencrypt/live/my_domaine/chain.pem ssl.ca

ln -s /etc/letsencrypt/live/my_domaine/fullchain.pem ssl.everything

and now it seems to be OK.

Improve this answer

You must log in to answer this question.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.