FreePBX 14 - Cannot update Let's Encrypt certificate!

Connex · July 3, 2018, 12:18am

I thought FreePBX doesn’t have these kinds of issues anymore but looks like it still does, even in the version 14.

I tried updating my Let’s Encrypt certificate but it gave me this message:

There was an error updating the certificate: Error ‘Token did not match’ when requesting http://mypbxurl.com//.freepbx-known/06dc6cc3b6bcb36fc5310b7af9c8159b

Why in the world did it work at the time when I created that certificate but it doesn’t work to update it now? I have not changed anything with the configuration of FreePBX ever since I created that certificate.

My URL works perfectly fine and it is a dns service from google. Same exact scenario works in FreePBX 13 using the same dns service. I was just able to update the certificate in that instance.

I also have not loaded ANY updates.

tm1000 · July 3, 2018, 3:45am

The token is generated on your pbx and then sent to the mirror server and the mirror server then checks if your pbx really has that token. So if the tokens doesn’t match that means something else is at that url not your pbx

Connex · July 5, 2018, 10:24pm

Why did it work out of the box last time and for some magic reason it’s sending a wrong token now? Who told it to send a different token this time? Is FreePBX changing configs on its own or something? I just don’t understand why such a long term supported product has these silly issues still.

tm1000 · July 6, 2018, 12:49am

You need to check your own configuration. This isn’t a freepbx bug. It’s actually not a bug at all. It’s a user misconfiguration

Connex · July 7, 2018, 1:12am

Where should I check? I haven’t changed anything with my domain name or IP address. As soon as I installed FreePBX 14 I installed a lets Encrypt certificate, all went well. Did say anything like what it says now.

What config should I check?

Connex · July 7, 2018, 1:26am

When I try to update I get this message

There was an error updating the certificate: Error ‘Token did not match’ when requesting http://pbx.mydomain.com//.freepbx-known/1c08b36cffe989c0f67d048cadae074e

Why does it add this after my domain name //.freepbx-known/1c08b36cffe989c0f67d048cadae074e

The FQDN of my pbx is supposed to be just http://pbx.mydomain.com

Where should I change so it doesn’t add this in the request?

tm1000 · July 7, 2018, 3:49am

You can’t remove that. It’s part of the token check

PitzKey · July 8, 2018, 11:18am

I don’t recall seeing two // how come it adds it?

tm1000 · July 8, 2018, 12:44pm

Two // doesn’t matter. It will resolve to one.

mniess · July 3, 2019, 1:10pm

Hey. I was having the exact same issue. The problem was, that I modified /etc/httpd/conf.d/freepbx.conf to redirect all port 80 traffic to 443. You can either add an exception for .freepbx-known or remove that redirect.

system · July 2, 2020, 1:10pm

This topic was automatically closed 365 days after the last reply. New replies are no longer allowed.