Automatically migrate certificate from another server

Probably the title is wrong, but here I try to explain my problem:

I want my users to access UCP with WebRTC enabled and working. I know that for that to happen I need a certificate which has to be accepted by the browsers.

What I do for my other APPS (nextcloud, odoo, etc.) is to use a reverse proxy server which also generates Let’s Encrypt certificates. I have just one public IP address and the port 80 in this IP is forwarded to the reverse proxy server.

What I did, for simplicity, was to access the PBX directly without reverse proxy. I manually copied the certificates (eg. from the reverse proxy to the PBX server, then applied the certificate to UCP and apache from the GUI and everything is working great.

UCP is working fine, with the WebRTC and all.

The problem is that this certificate is going to expire soon, what is normal in Let’s Encrypt, but I won’t have the benefit of auto renewal as I have in my other apps because I migrated the certificate manually. I will have to do it again every time the certificate is near expiration.

I want your suggestions of how can I automate this process. I can have a script to copy the certificates daily, but I don’t know exactly where to put them or if I need some extra work. Also I think I should put the certificates in apache configuration. Thank you.

Why don’t you generate a LE cert within the built-in module?

If you sysadmin module is upto date you can have LE only on port 80.

Because the PBX cannot be reached from the outside in port 80. Only the reverse proxy server. And if I change that I won’t be able to generate LE for my other web apps.

I could use another port, bu as long I as I know that is not possible for certificate generation.

Maybe there is something I can do in the firewall or the reverse proxy server, but I’m out of ideas.

This topic was automatically closed 365 days after the last reply. New replies are no longer allowed.