When accessing UCP over HTTPS on port 4443, a constant error message pops up. After closing it, it pops up again and again. This problem does not occur when accessing over plain HTTP over port 81. This is on a fresh installation of SNG7 FreePBX 14 Asterisk 13.
See attached.
In Advanced settings you want to ensure secure Nodejs is enabled, and your browser needs access to that port.
Thanks for the quick response
Just checked and nodeJS server is already enabled. HTTPS port is already set to 8003. I’m on the same subnet as the PBX when trying to access UCP and the error still occurs. In the FreePBX firewall, it shows UCP using ports 81, 4443, 8001, and 8003.
I tried in Firefox and Chrome and I still get the error. But weirdly I don’t get the error in I.E. 11.
I still have the hard drive from when I was using FreePBX 13 just a week ago and UCP works without issue in all of the browsers.
What’s UCP in version 14 doing differently?
Nothing. It can’t connect to port 8003
Why does FreePBX 13 not have any issues with all three browsers but only Chrome and Firefox have issues with FreePBX 14?
I’m on the same subnet as the PBX. Clearly this isn’t a firewall issue on my part as it works fine over HTTP/81 and port 8001.
Open up the console log in the browser to see for yourself.
I am getting the following error in my Firefox browser console:
XXX.XXXXXXX.XXX:8003 uses an invalid security certificate.
The certificate is not trusted because it is self-signed.
The certificate is not valid for the name XXX.XXXXXXX.XXX.
Error code: SEC_ERROR_UNKNOWN_ISSUER
It turns out that somehow in the Certificate management module the default certificate got set back to the self-signed one that was setup during the initial installation of FreePBX. I set it back to my Let’s Encrypt one and its all good now. I guess NodeJS is relying on the default certificate in “certificate management” and not the HTTPS setup certificate in system admin.
Thanks for posting your solution. I had the same problem where my certificate somehow was switched back to the Self Signed instead of Let’s Encrypt.