It has come to my attention that the Let's Encrypt functionality built into Webmin and Virtualmin could use a much needed improvement.
Scenario #1 - Virtualmin installed with Apache - In this instance, everything works fine as intended since the Acme client can connect and do it's automatic validation without issue.
Scenario #2 - Webmin Installed with No Virtualmin and/or Apache - In this instance, we run into a problem. The only way to validate a certificate is to manually install the Acme client and setup the certificate via the command line.
To deal with this model, you could make use of the DNS validation model, where the Acme client will produce a DNS record that can be installed, then validated against the Acme server accordingly.
This addition would make it possible to install a Webmin Let's Encrypt certificate where the server is for instance running as a dedicated "DNS", "MySQL", or "Email" server.
I hope this suggestion helps in further developing the integration of Let's Encrypt which has been one of the best major additions to Webmin/Virtualmin since the introduction of the new Authentic Theme.