User Tools
This is an old revision of the document!
Table of Contents
Virtualmin SSL Issues
Let's Encrypt
Beware of rate limiting at Let's Encrypt. Don't run any more attempts than is absolutely necessary or you may have to wait an hour to try again.
- Edit the virtual server you want to SSL-enable
- Enable SSL feature
- A self-signed certificate is automatically created and applied
- Configure Let's Encrypt SSL certificate
- Don't add mail.domain.tld
- Mail clients will still have to accept the cert presented anyway
- List the desired SANs
domain.tld www.domain.tld autoconfig.domain.tld autodiscover.domain.tld
- Adjust the auto-renewal interval
- The default (two months) is safe
Virtualmin → <domain> → Server Configuration → Manage SSL Certificate → Let’s Encrypt (tab)
Request certificate for → Domain names listed here → <list of Subject Alternative Names>
Months between automatic renewal → 2
Encrypt all Traffic for a Site
Virtualmin → <domain> → Services → Configure Website → Aliases and Redirects
Permanent URL redirects → From → / (slash)
Permanent URL redirects → To → https://www.yourdomainname.tld
Apply Let’s Encrypt SSL Cert to System Services
The matching domain name must be included in the SSL certificate.
Virtualmin → <domain> → Server Configuration → Manage SSL Certificate → Current Certificate (tab) → Copy to…
- Webmin
- Usermin
- Postfix
- Dovecot
- ProFTPD
