how to configure DNS records virtualmin?
-
hello sir, i have installed Virtualmin on a new digital ocean droplet as far i know everything is working fine but i could not point server to my subdomain
here are my CF settings
i am not sure what i am missing. i have sent my Virtualmin DNS records over PM please tell me how to configure them correctly
-
i think we can mark this discussion as solved
- learned how to install virtualmin with NGINX
- We can easily point the DNS by mentioning server IP at CF a name record
- learned how to install SSL
-
hello sir, i have installed Virtualmin on a new digital ocean droplet as far i know everything is working fine but i could not point server to my subdomain
here are my CF settings
i am not sure what i am missing. i have sent my Virtualmin DNS records over PM please tell me how to configure them correctly
@hari have you set the subdomain or root domain yet in VirtualMin? You shouldn’t rely on DNS in VirtualMin as this has no bearing apart from which route to take internally as soon as the traffic arrives at the server itself.
DNS zones on the VirtualMin server are automatically populated and you shouldn’t need to do anything there.
I get this when attempting to access the link you sent in PM
-
@hari have you set the subdomain or root domain yet in VirtualMin? You shouldn’t rely on DNS in VirtualMin as this has no bearing apart from which route to take internally as soon as the traffic arrives at the server itself.
DNS zones on the VirtualMin server are automatically populated and you shouldn’t need to do anything there.
I get this when attempting to access the link you sent in PM
@phenomlab said in how to configure DNS records virtualmin?:
have you set the subdomain or root domain yet in VirtualMin?
i have used subdomain
just now i have tried to install the certificate for the subdomain following this but let’s encrypt is not give the certificate
in log it looks like i have not configured the DNS correctly
Domain: ask3.domain.com Type: unauthorized Detail: Invalid response from https://ask3.domain.com/.well-known/acme-challenge/WCSL3V7RqeaQd41WBlLDBPK19uaY0ODLDTtRWJqSU68 [2606:4700:e4::ac40:a90f]: "<!DOCTYPE html>\n<!--[if lt IE 7]> <html class=\"no-js ie6 oldie\" lang=\"en-US\"> <![endif]-->\n<!--[if IE 7]> <html class=\"no-js " but i have added A name record for ask3 pointing my server IP
should i get a certificate for my server using server IP?
-
@phenomlab said in how to configure DNS records virtualmin?:
have you set the subdomain or root domain yet in VirtualMin?
i have used subdomain
just now i have tried to install the certificate for the subdomain following this but let’s encrypt is not give the certificate
https://www.ssldragon.com/blog/install-an-ssl-certificate-on-virtualmin/
in log it looks like i have not configured the DNS correctly
Domain: ask3.domain.com Type: unauthorized Detail: Invalid response from https://ask3.domain.com/.well-known/acme-challenge/WCSL3V7RqeaQd41WBlLDBPK19uaY0ODLDTtRWJqSU68 [2606:4700:e4::ac40:a90f]: "<!DOCTYPE html>\n<!--[if lt IE 7]> <html class=\"no-js ie6 oldie\" lang=\"en-US\"> <![endif]-->\n<!--[if IE 7]> <html class=\"no-js "but i have added A name record for ask3 pointing my server IP
should i get a certificate for my server using server IP?
@hari no, that won’t work. The entire point of a certificate is that it is assigned to a hostname. Can you provide (information redacted) screenshots of your you have the root domain and subdomain configured in VirtualMin ?
Or, I can check directly if you provide login details via PM.
-
@phenomlab Hi sir, I’ve got 2nd dose vaccination and I’m suffering from fever and stomach pain. I will go through this after a week
-
@phenomlab Hi sir, I’ve got 2nd dose vaccination and I’m suffering from fever and stomach pain. I will go through this after a week
@hari ok
-
@phenomlab Hi sir, I’ve got 2nd dose vaccination and I’m suffering from fever and stomach pain. I will go through this after a week
@hari Just checking in - you feeling better now ?
-
@phenomlab thanks for asking, I got recovered after five days and later I was busy with fixing roof. I’ve turned off email notifications and didn’t checked this thread for the last two weeks.
-
@phenomlab thanks for asking, I got recovered after five days and later I was busy with fixing roof. I’ve turned off email notifications and didn’t checked this thread for the last two weeks.
@Hari no issues at all. Fixing the roof sounds like fun
-
today i have bought a new droplet, deleted the old one to avoid extra billing.
i have added A name record at CF for ask8.domain.com and trying to get lets encrypt certificate and getting this error
Requesting a certificate for ask8.domain.com, *.ask8.domain.com from Let’s Encrypt …
… request failed : Web-based validation failed : Wildcard hostname *.ask8.domain.com can only be validated in DNS mode DNS-based validation failed :Saving debug log to /var/log/letsencrypt/letsencrypt.log Plugins selected: Authenticator manual, Installer None Obtaining a new certificate Performing the following challenges: dns-01 challenge for ask8.domain.com Running manual-auth-hook command: /etc/webmin/webmin/letsencrypt-dns.pl Waiting for verification... Challenge failed for domain ask8.domain.com dns-01 challenge for ask8.domain.com Cleaning up challenges Running manual-cleanup-hook command: /etc/webmin/webmin/letsencrypt-cleanup.pl Some challenges have failed. IMPORTANT NOTES: - The following errors were reported by the server: Domain: ask8.domain.com Type: unauthorized Detail: No TXT record found at _acme-challenge.ask8.domain.com To fix these errors, please make sure that your domain name was entered correctly and the DNS A/AAAA record(s) for that domain contain(s) the right IP address. do i need to add any c name record at CF for this?
_acme-challenge.ask8.domain.com
-
today i have bought a new droplet, deleted the old one to avoid extra billing.
i have added A name record at CF for ask8.domain.com and trying to get lets encrypt certificate and getting this error
Requesting a certificate for ask8.domain.com, *.ask8.domain.com from Let’s Encrypt …
… request failed : Web-based validation failed : Wildcard hostname *.ask8.domain.com can only be validated in DNS mode DNS-based validation failed :Saving debug log to /var/log/letsencrypt/letsencrypt.log Plugins selected: Authenticator manual, Installer None Obtaining a new certificate Performing the following challenges: dns-01 challenge for ask8.domain.com Running manual-auth-hook command: /etc/webmin/webmin/letsencrypt-dns.pl Waiting for verification... Challenge failed for domain ask8.domain.com dns-01 challenge for ask8.domain.com Cleaning up challenges Running manual-cleanup-hook command: /etc/webmin/webmin/letsencrypt-cleanup.pl Some challenges have failed. IMPORTANT NOTES: - The following errors were reported by the server: Domain: ask8.domain.com Type: unauthorized Detail: No TXT record found at _acme-challenge.ask8.domain.com To fix these errors, please make sure that your domain name was entered correctly and the DNS A/AAAA record(s) for that domain contain(s) the right IP address.do i need to add any c name record at CF for this?
_acme-challenge.ask8.domain.com
@Hari Not typically. You’ll get this error if you also request a wildcard. Try it by itself, without the wildcard.
If you really want to use a wildcard, you’ll need a DNS record identified as
*pointing to the IP address of your server. -
@Hari Not typically. You’ll get this error if you also request a wildcard. Try it by itself, without the wildcard.
If you really want to use a wildcard, you’ll need a DNS record identified as
*pointing to the IP address of your server.@phenomlab got it, now i got the certificate, how can i enable HSTS at virtual min for ask8 virtual server
-
@phenomlab got it, now i got the certificate, how can i enable HSTS at virtual min for ask8 virtual server
@Hari Apache or NGINX ?
-
@phenomlab NGINX i guess
-
@phenomlab NGINX i guess
@Hari Try this in your
nginx.conffileadd_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; -
@Hari Try this in your
nginx.conffileadd_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;@phenomlab i think i missed this step, how can i make sure i am using NGINX
my current settings for ask8
ask8 is not opening because i have opted for HSTS i want an origin server certificate
-
@phenomlab i think i missed this step, how can i make sure i am using NGINX
my current settings for ask8
ask8 is not opening because i have opted for HSTS i want an origin server certificate
@Hari How did you install Virtualmin on that droplet ? If you used the default commands, it is using Apache.
-
@Hari How did you install Virtualmin on that droplet ? If you used the default commands, it is using Apache.
@phenomlab i followed this video, now i went forward with apache and enabled SSL at virtual min and ask8 is loading
from our conversation i have learned how to create SSL and apply for our server (sub-domain) at Virtualmin.
Virtualmin is so nice it has built-in SSH easy to access.
now i am taking backup of live flarum for ask. virtualserver
after uploading DB and files i will disturb if i face any issues.
next, i should set up Redis …etc and need to change ask server to NGINX
now deleting ask8 which is created to learn SSL
-
@phenomlab i followed this video, now i went forward with apache and enabled SSL at virtual min and ask8 is loading
from our conversation i have learned how to create SSL and apply for our server (sub-domain) at Virtualmin.
Virtualmin is so nice it has built-in SSH easy to access.
now i am taking backup of live flarum for ask. virtualserver
after uploading DB and files i will disturb if i face any issues.
next, i should set up Redis …etc and need to change ask server to NGINX
now deleting ask8 which is created to learn SSL
@Hari Ok, no issues. I tend to prefer NGINX over Apache2 myself.
See below
Essentially, you need to suffix the install script with
--bundle LEMP -
@Hari Ok, no issues. I tend to prefer NGINX over Apache2 myself.
See below
https://www.virtualmin.com/documentation/installation/automated/#LAMP_vs_LEMP
Essentially, you need to suffix the install script with
--bundle LEMP@phenomlab yeah, i missed that
i think migrating from apache to NGNIX is a bit complicated i will destroy this droplet and do the installation again.
tried this, after running
apt-get install nginxi thought this will get complicated
Did this solution help you?
Hello! It looks like you're interested in this conversation, but you don't have an account yet.
Getting fed up of having to scroll through the same posts each visit? When you register for an account, you'll always come back to exactly where you were before, and choose to be notified of new replies (ether email, or push notification). You'll also be able to save bookmarks, use reactions, and upvote to show your appreciation to other community members.
With your input, this post could be even better 💗
RegisterLog in
