FreePBX New Let's Encrypt Certificate cannot be generated

FreePBX
1

Hello:
My FreePBX has the following problems
Zulu needs a New Let’s Encrypt Certificate
LetsEncrypt, however, requires that the following hosts be allowed to inbound http access. The first three hostnames are ping-enabled, and the last one is not ping-enabled.

Firewall Warning

LetsEncrypt requires the following hosts to be permitted for inbound http access:
outbound1.letsencrypt.org, outbound2.letsencrypt.org, mirror1.freepbx.org, mirror2.freepbx.org
PBX System Firewall is not in use so this can not be verified. Please manually verify inbound connectivity.

image
image825×521 6.1 KB

Finally, after clicking on the confirmation of my certificate configuration, the following error occurred:
There was an error updating the certificate: Error ‘Requested host ‘zulupbx.com’ does not resolve to ‘175.10.38.X’ (Resolved to ‘67.219.176.18’ instead)’ when requesting http://zulupbx.com//.freepbx-known/d34ac1fbf8b2771d04443e74d9008cb7
image
image1887×897 64.5 KB

2

It says pretty clear, the FQDN you are trying to the issue the certificate is pointed (and resolving) to your FusionPBX, not your FreePBX.

3

Hello:

Thank you for your reply.

Where is Fusion PBX?

4

I do not know why redirect to fusionpbx. fusionpbx is not my pbx and I do not host this. I think something wrong with DNS?

5

Do you manage zulupbx.com ? If so, seems like it’s not pointing to the right IP. So point it to your FreePBX IP, wait 5 minutes and try again.

6

I do not manage the zulupbx.com, it is fake domain.

7

OMG WHAT? Are you seriously expecting this to work?

In order to get a certificate for a domain, you HAVE to manage that domain. You cannot just make up a fake name and expect it to work…

8

Hello:

I am a newcomer. I don’t know how to manage this domain. Can you tell me a learning website?

Thank you!

9

Apparently this domain is already owned by someone else, you’ll need to purchase a new domain from a trusted seller, like GoDaddy, Google, NameCheap etc. Then point your domain to your WAN IP and forward port 80 to your PBX temporarily.

Or you can have your LE verification only on port 80, and the entire GUI on a different port.

I don’t know if any specific sites. Google is your friend.

10

Thank you very much for your help.

11

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.