Re: [webmin-l] webmin and letsencrypt without webserver?

[Pat E. <pe...@gm...>]

but this works only when you have the dns on the webmin server, right?

On Wed, 22 Feb 2017, 10:03 John Hinton, <web...@ew...> wrote:

>
>
> On 2/21/2017 11:42 PM, Jamie Cameron wrote:
>
> On 20/Feb/2017 09:32 Freddie Cash <fj...@gm...> <fj...@gm...>
> wrote ..
>
> On Mon, Feb 20, 2017 at 9:22 AM, Pat Erler <pe...@gm...
> <http://reply_mail.cgi?new=1&to=perler%40gmail%2Ecom>> wrote:
>
> is it possible to request a letsencrypt certificat on a webmin server
> without a webserver? if yes, what should go here?
> https://www.screencast.com/t/w7B20se75
>
>
> ​I don't know about doing it directly in Webmin, but it's very easy to do
> from the command-line if you control your DNS server.  Use dehydrated to
> request a Let's Encrypt certificate using DNS challenge, then just symlink
> the generated cert files into /etc/webmin, and configure Webmin to use
> those.
>
> I just implemented this for 50-odd Webmin servers, using a single Let's
> Encrypt cert (using Subjet Alternate Name support) via dehydrated and DNS
> challenges.
>
> It's not quite as automated as just letting Webmin handle everything
> internally, but it works quite nicely (update certs on a single machine,
> then push the certs out to all the others).
> ​
> --
> Freddie Cash
> fj...@gm... <http://reply_mail.cgi?new=1&to=fjwcash%40gmail%2Ecom>
>
> The next release of webmin will support DNS-based validation for Let's
> Encrypt certificate requests.
>
> Nice! That will help with getting everything setup before a move... like
> from a server where SSL is not setup.
>
>
> John
>
> ------------------------------------------------------------------------------
> Check out the vibrant tech community on one of the world's most
> engaging tech sites, SlashDot.org! http://sdm.link/slashdot-
> Forwarded by the Webmin mailing list at
> web...@li...
> To remove yourself from this list, go to
> http://lists.sourceforge.net/lists/listinfo/webadmin-list
>
--