search

virtualmin / virtualmin-gpl

Virtualmin web hosting control panel for Webmin
https://www.virtualmin.com
GNU General Public License v3.0
331 stars 102 forks source link

Certificates renewal not working properly #304

Open kylix34 opened 3 years ago

kylix34 commented 3 years ago

Hi!

I have Virtualmin installed on a Centos 6.10 machine: Webmin version 1.973 Virtualmin version: 6.16 Usermin version: 1.823 Authentic theme version: 19.73

The certificate auto-renewal is not working (we had before the patch applied to feature-ssl.pl and it was working, before updating webmin/virtualmin).

Manually renewing the certificates is working ... sort of. In the "current certificate" tab we see "the certificate expired x days ago" message but in Let's Encrypt tab, it shows it as correctly applied.

The certificates are in /etc/webmin/webmin and /home/domain-name (in both folders, the certificates that were manually renewed have the correct date/time)

Would it be possible to fix the problem? What could we check?

jcameron commented 3 years ago

Are you getting any email from Virtualmin when the cert renewal fails? Or does it just silently not happen?

kylix34 commented 3 years ago

Hi Jamie! Nope, no email received about the missed renewal. I only get emails like this:

################# SSL Certificate Warning ################

Certificate for hostname 'sddsdsdsd.com', in file (or by nickname): /home/sddsdsdsd.com/ssl.cert

The certificate needs to be renewed; this can be done using the 'genkey' program.

Browsers will not be able to correctly connect to this web site using SSL until the certificate is renewed.

########################################################## Generated by certwatch(1)

kylix34 commented 3 years ago

Unfortunately, there's no logfile for let's encrypt on my CentOS 6.10 distro

jcameron commented 3 years ago

So if you manually renew and then check the cert in your browser, does it show the new expiry date?

The bug of the days till expiry not being refreshed will be fixed in the next Virtualmin release.

kylix34 commented 3 years ago

If I manually renew, the certificate is correctly shown in the browser (creation date and expiry date are correct).

kylix34 commented 3 years ago

Upgraded Webmin to v 1.980 but it didn't make any difference. Would it be possible to downgrade Virtualmin without breaking other stuff?

jcameron commented 3 years ago

Better to wait till we release the next Virtualmin, which should fix this.

kylix34 commented 3 years ago

Do you have an ETA for the update?

jcameron commented 3 years ago

@swelljoe any preferred timeline for a new Virtualmin release?

kylix34 commented 3 years ago

Any news about it? @jcameron @swelljoe