Https / let's encrypt questions


(John) #1

I’ve managed to get my let’s encrypt certificate to validate and be installed. I changed my normal admin port to 8888, let’s encrypt uses 80. If I put in my pbx domain without any port or https/http I get 403 forbidden. If I add :8888 to the domain I can login (unsecured). If I add https:// it works as expected and is secured.

I am not certain if I am supposed to be automatically re-directed from 8888 to 443?

This is basically a dummy system on vultr, no trunks assigned.


(Jared Busch) #2

Sadly, no. FreePBX does not natively force your to redirect to HTTPS.


(John) #3

Thank you. Therefore I am to always put in https://pbx.mycompany.com ?

Can I disable non secure http? I don’t believe I can or is that a firewall question?


#4

I recommend disabling it in the firewall for all but the loopback address.

That way, if something goes wrong with TLS that you can’t easily fix from the command line, you can use SSH port forwarding to gain access to the GUI.


(system) closed #5

This topic was automatically closed 31 days after the last reply. New replies are no longer allowed.