Freshly installed and updated FreePBX 13 10.13.66-22 on a physical server in a data center. 2 NICs with firewall in front. Eth0 172.16.x.x, Eth1 10.10.x.x. Eth1 has 1:1 NAT for public IP.
Created public DNS for pbx01.mydomain.com, tested to make sure it works and and machine sees it’s WAN IP correctly as 1:1 NAT. Generated Let’s Encrypt cert with no errors via Sys Admin module.
Problem is browsers say site is not secure. In chrome:
“This server could not prove that it is pbx01.mydomain.com; its security certificate does not specify Subject Alternative Names. This may be caused by a misconfiguration or an attacker intercepting your connection.”
Let’s Encrypt docs talk about the --expand tag in cli.ini, but I don’t have one of those and I’m unsure if making it would work with FreePBX Letsencrypt module.
So how would I add a SAN to my Let’s Encrypt cert?