I think my GUI lets encrypt module is corrupted. I was only able to generate a certificate once in April 2020. If I run the generate Lets Encrypt Certificate, it times out and gives error.
I can generate the Four files
cert.pem
chain.pem
fullchain.pem
privkey.pem
using cp I placed the files into the /etc/asterisk/keys
I was told to rename the cert.pem to cert.crt and privkey.pem to privkey.key I don’t know what to rename the chain.pem and fullchain.pem to.
Also should I rename these files with a more unique name so the import locally will work? https://wiki.freepbx.org/display/FPG/Certificate+Management+User+Guide
Is there a way to resinstall the certificate manager? There are many modules that are dependant, so i can’t. Is there a way to check the program for certificate manager to make sure its not corrupted?
What folder should the letsEncrypt files be stored in. /etc/asterisk/keys/ ?
I have been limited on what I can do with this PBexact UC 40 system since I cant import certificates.
the instructions are for at least me, inadequate and I would love for someone to debug me and possibly update the website with more detailed info to help future people.
I have posted 4 times, and no one can help, then months go by and I try again.
thank you.
I changed the names by using mv cert.pem subdo.doma.com.crt and then mv privkey.pem subdo.doma.com.key
i did a ls -l and see that they are changed correctly.
they wont import from the shell or gui
for some reason, the 4 key files that were generated, when i copy them to the correct /etc/asterisk/keys folder, after the file name i see “-> …/…/archive/subdo.doma.com/cert1.pem” so i dont know
Also when i do the fwconsole command, i get an error for one of the modules
[root@subdo keys]# fwconsole cert --list
Failed loading /usr/lib64/php/modules/ixed.5.6.lin: /usr/lib64/php/modules/ixed.5.6.lin: undefined symbol: _zval_ptr_dtor
but it does run after that faild loading part and i can see the info from the command.
i can view the contents of the files by running
openssl x509 -in cert.pem -text
When i did run the shell commands to get the cert/key i did get the acme challenge string to put as a txt file as an text record for the subdomain for my dns and checked it on digwebinterface.com
how does this text record get posted to my dns when the GUI is ran?
You copied symlinks to the file, I always use my acme client’s post update hook to actually copy the generated files But I don’t use the FreePBX acme client nor Certbot so I can’t be specific.
I have never been aware that SourceGuardian is used so can’t help there.
Are you attempting DNS-01 or HTTP-01 for your ‘challenge’ ?