A proper management of certificates for FreePBX+Apache+FOP2+WebRTC

Hi,

I have FreePBX 15 distro working with FOP2/WebRTC.
Today users reported that WebRTC does not work any more. It turned out that the certificate for Asterisk/WebRTC expired - so I started looking what would be the right way to make it not happen again.
The Mini-HTTP server on port 8089 which is used for WebRTC uses certificates from: /etc/asterisk/keys/integration/
The Certificate Manager, I assume, installs Let’s Encrypt certificates in: /etc/httpd/pki/

So, the question is:

  1. should all services on this machine use the same certificate which would be updated from Certificate Manager, and what should be the correct primary location for this certificate?

  2. then I should adjust this location in:

  • FreePBX / Settings / Advanced / HTTPS TLS Certificate Location
  • /usr/local/fop2/fop2.cfg / ssl_certificate
  • /etc/httpd/conf.d/ssl.conf / SSLCertificateFile
    Anywhere else?

I have copied the certificate from /etc/httpd/pki/ to /etc/asterisk/keys/integration/ and this works but it is surely not a very elegant way to fix it.

BR,
Kiziuk