I know this question has been asked a million times, but I can’t find an answer to my particular situation. Besides blocking port 80 (which I don’t want to do), I see the answer is to add VirtualHost to a conf file in /etc/httpd. The problem is that I don’t have an httpd folder (Debian 10). I tried adding VirtualHost redirect to /etc/Apache2/apache2.conf but that didn’t work.
Then it restarted successfully. But when I went to access the site, while it redirects from http, I get this error in my browser: ERR_SSL_PROTOCOL_ERROR
Let’s Encrypt. I used Admin > Certificate Management in the FreePBX interface. I noticed also that I could also access via the IP address (GCP cloud instance), but http only. So I edited /etc/hosts and for 127.0.0.1 I changed localhost to my sub.example.com but that didn’t make a difference with anything.
FYI, I deleted the default self signed certificate in the Certificate Management module yesterday because I thought I had to… was I supposed to keep it?
It’s working now. I had to delete my certificate in the Certificate Management (made sure there were no certificates), and then I used CertBot to add the certificate instead.
Then I added the following to /etc/apache2/apache2.conf:
A couple of small to large problems with that solution, FreePBX expects its cert and key (as *.crt and *.key) in `/etc/asterisk/keys’ so the certman module can properly import and link them into /etc/asterisk/keys/integration, you will need that for seamless TLS connections and WEBRTC. It is better if your acme client and webserver follows these ‘conventions’.