Letsencrypt for ZULU 3 for internal ip

I’ve got no issue with users connecting to my on site FreePBX server using our public ip, but i don’t know how to get a certificate for the internal ip.

I’ve been told it’s not a good idea to have Softphones originating from inside the lan to connect to freepbx using the public wan address. Would be kind of an unnecessary loop

Config the local DNS in the office to resolve the cert fqdn to the local LAN IP of the PBX.

1 Like

i’ve done this but it still fails, i’m assuming because now the internal ip doesn’t match the certificate?

Correct, create a DNS entry (in your internal DNS server) to the domain you used for the certificate to the internal ip so your clients will access zulu.yourdomain.com (or the domain you used for create the certificate) but that will point to XX.XX.XX.XX (your local ip)

sorry maybe i’m not understanding properly

Lets encrypt certificate is for WAN:

internal DNS record for LAN:

this is what i’ve set up but it will mean the ip address doesn’t match the certificate so it fails.

are you using mydomain.com that will resolve in your lan or you are you using directly the ip? you need to use mydomain.com as it will match with the cert.

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.