Skip to content

how to configure DNS records virtualmin?

Solved Linux
  • hello sir, i have installed Virtualmin on a new digital ocean droplet as far i know everything is working fine but i could not point server to my subdomain

    here are my CF settings

    e6afb3d1-84bc-4d82-a989-0c9a045320e4-image.png

    i am not sure what i am missing. i have sent my Virtualmin DNS records over PM please tell me how to configure them correctly

  • i think we can mark this discussion as solved

    • learned how to install virtualmin with NGINX
    • We can easily point the DNS by mentioning server IP at CF a name record
    • learned how to install SSL
  • hello sir, i have installed Virtualmin on a new digital ocean droplet as far i know everything is working fine but i could not point server to my subdomain

    here are my CF settings

    e6afb3d1-84bc-4d82-a989-0c9a045320e4-image.png

    i am not sure what i am missing. i have sent my Virtualmin DNS records over PM please tell me how to configure them correctly

    @hari have you set the subdomain or root domain yet in VirtualMin? You shouldn’t rely on DNS in VirtualMin as this has no bearing apart from which route to take internally as soon as the traffic arrives at the server itself.

    DNS zones on the VirtualMin server are automatically populated and you shouldn’t need to do anything there.

    I get this when attempting to access the link you sent in PM

    Screenshot_20220126-215838.jpg

  • @hari have you set the subdomain or root domain yet in VirtualMin? You shouldn’t rely on DNS in VirtualMin as this has no bearing apart from which route to take internally as soon as the traffic arrives at the server itself.

    DNS zones on the VirtualMin server are automatically populated and you shouldn’t need to do anything there.

    I get this when attempting to access the link you sent in PM

    Screenshot_20220126-215838.jpg

    @phenomlab said in how to configure DNS records virtualmin?:

    have you set the subdomain or root domain yet in VirtualMin?

    i have used subdomain

    just now i have tried to install the certificate for the subdomain following this but let’s encrypt is not give the certificate

    https://www.ssldragon.com/blog/install-an-ssl-certificate-on-virtualmin/

    in log it looks like i have not configured the DNS correctly

    Domain: ask3.domain.com
      Type:   unauthorized
      Detail: Invalid response from
      https://ask3.domain.com/.well-known/acme-challenge/WCSL3V7RqeaQd41WBlLDBPK19uaY0ODLDTtRWJqSU68
      [2606:4700:e4::ac40:a90f]: "<!DOCTYPE html>\n<!--[if lt IE 7]>
      <html class=\"no-js ie6 oldie\" lang=\"en-US\">
      <![endif]-->\n<!--[if IE 7]>    <html class=\"no-js "
    

    but i have added A name record for ask3 pointing my server IP

    should i get a certificate for my server using server IP?

  • @phenomlab said in how to configure DNS records virtualmin?:

    have you set the subdomain or root domain yet in VirtualMin?

    i have used subdomain

    just now i have tried to install the certificate for the subdomain following this but let’s encrypt is not give the certificate

    https://www.ssldragon.com/blog/install-an-ssl-certificate-on-virtualmin/

    in log it looks like i have not configured the DNS correctly

    Domain: ask3.domain.com
      Type:   unauthorized
      Detail: Invalid response from
      https://ask3.domain.com/.well-known/acme-challenge/WCSL3V7RqeaQd41WBlLDBPK19uaY0ODLDTtRWJqSU68
      [2606:4700:e4::ac40:a90f]: "<!DOCTYPE html>\n<!--[if lt IE 7]>
      <html class=\"no-js ie6 oldie\" lang=\"en-US\">
      <![endif]-->\n<!--[if IE 7]>    <html class=\"no-js "
    

    but i have added A name record for ask3 pointing my server IP

    should i get a certificate for my server using server IP?

    @hari no, that won’t work. The entire point of a certificate is that it is assigned to a hostname. Can you provide (information redacted) screenshots of your you have the root domain and subdomain configured in VirtualMin ?

    Or, I can check directly if you provide login details via PM.

  • @phenomlab Hi sir, I’ve got 2nd dose vaccination and I’m suffering from fever and stomach pain. I will go through this after a week

  • @phenomlab Hi sir, I’ve got 2nd dose vaccination and I’m suffering from fever and stomach pain. I will go through this after a week

    @hari ok

  • @phenomlab Hi sir, I’ve got 2nd dose vaccination and I’m suffering from fever and stomach pain. I will go through this after a week

    @hari Just checking in - you feeling better now ?

  • @hari Just checking in - you feeling better now ?

    @phenomlab thanks for asking, I got recovered after five days and later I was busy with fixing roof. I’ve turned off email notifications and didn’t checked this thread for the last two weeks.

  • @phenomlab thanks for asking, I got recovered after five days and later I was busy with fixing roof. I’ve turned off email notifications and didn’t checked this thread for the last two weeks.

    @Hari no issues at all. Fixing the roof sounds like fun

  • today i have bought a new droplet, deleted the old one to avoid extra billing.

    i have added A name record at CF for ask8.domain.com and trying to get lets encrypt certificate and getting this error

    Requesting a certificate for ask8.domain.com, *.ask8.domain.com from Let’s Encrypt …
    … request failed : Web-based validation failed : Wildcard hostname *.ask8.domain.com can only be validated in DNS mode DNS-based validation failed :

    Saving debug log to /var/log/letsencrypt/letsencrypt.log
    Plugins selected: Authenticator manual, Installer None
    Obtaining a new certificate
    Performing the following challenges:
    dns-01 challenge for ask8.domain.com
    Running manual-auth-hook command: /etc/webmin/webmin/letsencrypt-dns.pl
    Waiting for verification...
    Challenge failed for domain ask8.domain.com
    dns-01 challenge for ask8.domain.com
    Cleaning up challenges
    Running manual-cleanup-hook command: /etc/webmin/webmin/letsencrypt-cleanup.pl
    Some challenges have failed.
    IMPORTANT NOTES:
     - The following errors were reported by the server:
    
       Domain: ask8.domain.com
       Type:   unauthorized
       Detail: No TXT record found at
       _acme-challenge.ask8.domain.com
    
       To fix these errors, please make sure that your domain name was
       entered correctly and the DNS A/AAAA record(s) for that domain
       contain(s) the right IP address.
    

    do i need to add any c name record at CF for this?

    _acme-challenge.ask8.domain.com

  • today i have bought a new droplet, deleted the old one to avoid extra billing.

    i have added A name record at CF for ask8.domain.com and trying to get lets encrypt certificate and getting this error

    Requesting a certificate for ask8.domain.com, *.ask8.domain.com from Let’s Encrypt …
    … request failed : Web-based validation failed : Wildcard hostname *.ask8.domain.com can only be validated in DNS mode DNS-based validation failed :

    Saving debug log to /var/log/letsencrypt/letsencrypt.log
    Plugins selected: Authenticator manual, Installer None
    Obtaining a new certificate
    Performing the following challenges:
    dns-01 challenge for ask8.domain.com
    Running manual-auth-hook command: /etc/webmin/webmin/letsencrypt-dns.pl
    Waiting for verification...
    Challenge failed for domain ask8.domain.com
    dns-01 challenge for ask8.domain.com
    Cleaning up challenges
    Running manual-cleanup-hook command: /etc/webmin/webmin/letsencrypt-cleanup.pl
    Some challenges have failed.
    IMPORTANT NOTES:
     - The following errors were reported by the server:
    
       Domain: ask8.domain.com
       Type:   unauthorized
       Detail: No TXT record found at
       _acme-challenge.ask8.domain.com
    
       To fix these errors, please make sure that your domain name was
       entered correctly and the DNS A/AAAA record(s) for that domain
       contain(s) the right IP address.
    

    do i need to add any c name record at CF for this?

    _acme-challenge.ask8.domain.com

    @Hari Not typically. You’ll get this error if you also request a wildcard. Try it by itself, without the wildcard.

    If you really want to use a wildcard, you’ll need a DNS record identified as * pointing to the IP address of your server.

  • @Hari Not typically. You’ll get this error if you also request a wildcard. Try it by itself, without the wildcard.

    If you really want to use a wildcard, you’ll need a DNS record identified as * pointing to the IP address of your server.

    @phenomlab got it, now i got the certificate, how can i enable HSTS at virtual min for ask8 virtual server

  • @phenomlab got it, now i got the certificate, how can i enable HSTS at virtual min for ask8 virtual server

    @Hari Apache or NGINX ?

  • @Hari Apache or NGINX ?

    @phenomlab NGINX i guess ☺

  • @phenomlab NGINX i guess ☺

    @Hari Try this in your nginx.conf file

    add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;
    
  • @Hari Try this in your nginx.conf file

    add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;
    

    @phenomlab i think i missed this step, how can i make sure i am using NGINX

    32016667-856a-4dde-a4aa-832bb81e202a-image.png

    my current settings for ask8

    5b514fa7-f18c-4417-9e90-f0dc940acd28-image.png

    ask8 is not opening because i have opted for HSTS i want an origin server certificate 🙂

  • @phenomlab i think i missed this step, how can i make sure i am using NGINX

    32016667-856a-4dde-a4aa-832bb81e202a-image.png

    my current settings for ask8

    5b514fa7-f18c-4417-9e90-f0dc940acd28-image.png

    ask8 is not opening because i have opted for HSTS i want an origin server certificate 🙂

    @Hari How did you install Virtualmin on that droplet ? If you used the default commands, it is using Apache.

  • @Hari How did you install Virtualmin on that droplet ? If you used the default commands, it is using Apache.

    @phenomlab i followed this video, now i went forward with apache and enabled SSL at virtual min and ask8 is loading ✅

    from our conversation i have learned how to create SSL and apply for our server (sub-domain) at Virtualmin.

    Virtualmin is so nice it has built-in SSH easy to access.

    now i am taking backup of live flarum for ask. virtualserver

    after uploading DB and files i will disturb if i face any issues.

    next, i should set up Redis …etc and need to change ask server to NGINX

    now deleting ask8 which is created to learn SSL

  • @phenomlab i followed this video, now i went forward with apache and enabled SSL at virtual min and ask8 is loading ✅

    from our conversation i have learned how to create SSL and apply for our server (sub-domain) at Virtualmin.

    Virtualmin is so nice it has built-in SSH easy to access.

    now i am taking backup of live flarum for ask. virtualserver

    after uploading DB and files i will disturb if i face any issues.

    next, i should set up Redis …etc and need to change ask server to NGINX

    now deleting ask8 which is created to learn SSL

    @Hari Ok, no issues. I tend to prefer NGINX over Apache2 myself.

    See below

    https://www.virtualmin.com/documentation/installation/automated/#LAMP_vs_LEMP

    Essentially, you need to suffix the install script with --bundle LEMP

  • @Hari Ok, no issues. I tend to prefer NGINX over Apache2 myself.

    See below

    https://www.virtualmin.com/documentation/installation/automated/#LAMP_vs_LEMP

    Essentially, you need to suffix the install script with --bundle LEMP

    @phenomlab yeah, i missed that

    i think migrating from apache to NGNIX is a bit complicated i will destroy this droplet and do the installation again.

    tried this, after running apt-get install nginx

    i thought this will get complicated

    https://www.digitalocean.com/community/tutorials/how-to-migrate-from-an-apache-web-server-to-nginx-on-an-ubuntu-vps


Did this solution help you?
Did you find the suggested solution useful? Why not buy me a coffee? It's a nice gesture, and a great way to show your appreciation 💗

Related Topics