Let's Encrypt SAN (Subject Aleternative Name)

Freshly installed and updated FreePBX 13 10.13.66-22 on a physical server in a data center. 2 NICs with firewall in front. Eth0 172.16.x.x, Eth1 10.10.x.x. Eth1 has 1:1 NAT for public IP.

Created public DNS for pbx01.mydomain.com, tested to make sure it works and and machine sees it’s WAN IP correctly as 1:1 NAT. Generated Let’s Encrypt cert with no errors via Sys Admin module.

Problem is browsers say site is not secure. In chrome:

“This server could not prove that it is pbx01.mydomain.com; its security certificate does not specify Subject Alternative Names. This may be caused by a misconfiguration or an attacker intercepting your connection.”

Let’s Encrypt docs talk about the --expand tag in cli.ini, but I don’t have one of those and I’m unsure if making it would work with FreePBX Letsencrypt module.

So how would I add a SAN to my Let’s Encrypt cert?

This topic was automatically closed 365 days after the last reply. New replies are no longer allowed.