I have FreePBX 15 distro working with FOP2/WebRTC.
Today users reported that WebRTC does not work any more. It turned out that the certificate for Asterisk/WebRTC expired - so I started looking what would be the right way to make it not happen again.
The Mini-HTTP server on port 8089 which is used for WebRTC uses certificates from: /etc/asterisk/keys/integration/
The Certificate Manager, I assume, installs Let’s Encrypt certificates in: /etc/httpd/pki/
So, the question is:
should all services on this machine use the same certificate which would be updated from Certificate Manager, and what should be the correct primary location for this certificate?
then I should adjust this location in:
- FreePBX / Settings / Advanced / HTTPS TLS Certificate Location
- /usr/local/fop2/fop2.cfg / ssl_certificate
- /etc/httpd/conf.d/ssl.conf / SSLCertificateFile
I have copied the certificate from /etc/httpd/pki/ to /etc/asterisk/keys/integration/ and this works but it is surely not a very elegant way to fix it.