Certificate Mismatch Error

thehammer86 · December 9, 2022, 6:52pm

Having a strange issue in the last week. Updated FreePBX OS packages and modules. Just my soft-phones (Bria Mobile and Zoiper Windows/Desktop) are throwing certificate mismatch errors. Both soft-phones also happened to be updated across my setup at the same time as the PBX as well.

The part i can’t figure out is why these apps would be complaining? The error message says the “Expected Name:” is an IP address which makes no sense. My certs are generated by Let’s Encrypt. The same certificate is also used for HTTPS web connections to the UCP.

There was an issue months and months ago with the way Certificate Manager was creating/packaging up the various components of the certificate chain. I’m wondering if there has been a regression?

Everything is PJSIP (trunks and endpoints).

Thoughts?

dicko · December 9, 2022, 6:55pm

Check your soft phones are registering to the fqdn and not the ip of the fqdn ?

thehammer86 · December 9, 2022, 6:57pm

Desk phones and softphones have been set up to register with the FQDN for years now. Nothing has changed there. I am aware the FQDN is needed for proper PJSIP/TLS.

thehammer86 · December 9, 2022, 7:00pm

Is it possible that both Bria and Zoiper are using some shared library that is broken?

I just pulled out an old phone with Bria 6.6.3.129673 and it seems to be fine.

Bria 6.10.2.132736 seems to have broken functionality.

Why is it so hard in this day an age still for vendors to implement TLS properly? It really boggles my mind.

system · January 9, 2023, 7:00pm

This topic was automatically closed 31 days after the last reply. New replies are no longer allowed.