Virtualmin virtual-server module version 6.05 released

8 posts / 0 new
Last post
#1 Tue, 12/04/2018 - 03:44
Joe
Joe's picture

Virtualmin virtual-server module version 6.05 released

Howdy all,

I've rolled out version 6.05 of the Virtualmin virtual-server module.

Changes since 6.04:

  • Scheduled backups created by root can now be designated as allowing restore by virtual server owners, so that they don't have to maintain their own backups.
  • When used with Webmin 1.900 or above, Let's Encrypt SSL certificates can be requested for wildcard domains.
  • The domain name used in links to a server's website can now be customized to use one of its aliases instead.
  • Many Install Script updates.
  • Bug fixed in change-license CLI command that would prevent it from correctly re-checking the license after changing it.

The big news for some folks will be wildcard support for Let's Encrypt. Since this is new, and a little bit complex, watch for problems and let us know if you run into any.

Cheers,

Joe

Fri, 12/07/2018 - 19:24
Hifihedgehog
Hifihedgehog's picture

Awesome! So I went ahead and added it. However, it errored out. It appears I need to add a TXT file with my domain registrar tied to _acme-challenge.[my domain name].com. To my knowledge and per some reading online about the manual process, I need some sort of random generated value associated with that. How would I go about obtaining that since I do not see it in the terminal readout? EDIT: To those wondering, it appears you have to *prime the pump*, so to speak. For the first time, register manually in the terminal. Add the key the utility provides to your TXT entry with your web registrar. Then complete a registration for your domain. In my case, these instructions worked well for NameCheap. After this, you should be able to re-register subsequently ad infinitum within Virtualmin.

Fri, 12/14/2018 - 22:51 (Reply to #2)
Joe
Joe's picture

Thanks for posting your solution.

I think it only falls back to using DNS for validation if web validation doesn't work, but maybe it's different when it uses certbot instead of the bundled ACME client (which doesn't support wildcards and some newer features).

--

Check out the forum guidelines!

Mon, 12/17/2018 - 06:46
scubaya

Hi All,

I am not able to get it working. I also cant really find any guidance on how to activate this. When I am trying to add a wildcard I am getting this error:

Requesting a certificate for *.website.com from Let's Encrypt .. .. request failed : Web-based validation failed : Wildcard hostname *.website.com can only be validated in DNS mode DNS-based validation failed : Wildcard hostname *.website.com can only be validated when the native Let's Encrypt client is installed

To my knowledge I am using the native Letsencrypt client right?

Many thanks //Dirk

Wed, 12/26/2018 - 20:26 (Reply to #4)
Joe
Joe's picture

That error is poorly worded. The native client is certbot. We ship a lightweight ACME client inside of Webmin/Virtualmin, but it doesn't yet support wildcard certificates. And, we can't ship certbot as part of Webmin/Virtualmin, because it has a lot more dependencies and is much, much, bigger. But, I think all of the major distributions we support have certbot available, though only in the more recent versions of the distros; so you'll need to be using CentOS 7 (with EPEL), Ubuntu 18.04, or Debian 9.

I'll be adding that to our dependencies list in the Virtualmin 7 installer. I'm hesitant to add such a big dependency to 6 without quite a bit of testing. But, you can install it with yum or apt.

Edit: I've modified the error to be more clear in the next version of Webmin. It'll explicitly say "certbot" rather than "native client".

--

Check out the forum guidelines!

Fri, 01/04/2019 - 10:47 (Reply to #5)
azcunaga

Hi there,

Thanks Joe and team for this new feature.

I'm getting the same error as above. I'm on Ubuntu 16, so I installed the certbot client per the instructions you mentioned at https://certbot.eff.org/

However I still get the same error: .. request failed : Web-based validation failed : Wildcard hostname *.mydomain.com can only be validated in DNS mode

I currently have a A record with *.mydomain.com setup over with my hosting company. Is this the right setup? What does "DNS mode" mean anyway?

Many thanks!

Sat, 01/05/2019 - 22:06
hescominsoon

I like: Scheduled backups created by root can now be designated as allowing restore by virtual server owners, so that they don't have to maintain their own backups. So if i enable this will it give the server owners a one click way to restore their backups?

Fri, 03/15/2019 - 00:59
nabab

So for the wildcard support, on Debian 9 you need to install certbot then add the line server = https://acme-v02.api.letsencrypt.org/directory in the cli.ini file (somewhere in /etc/letsencrypt), and just request a cert through Virtualmin for *.mydomain.tld or even *.mysub.domain.tld. It worked like a breeze, great job!

Thanks!