LetsEncrypt process broke my web gui access FREEPBX17

CharlotteInternet · October 5, 2024, 4:51pm

Hello - just finished a fresh install of FreePBX17 - installation process worked with no issues. Moved the system into production. No issues. Until, I decided to use letsencrypt for the SSL process. I followed the documented steps. This is the error when I try to access the system. “the site at http://xxx.xxx.xxx.xxx/ has experienced a network protocol violation that cannot be repaired.”

This system is a VM install. I can access the console and ssh. I’ve reviewed several wiki’s…
fwconsole sa ports “Port 80 ACP ENABLED”

I would appreciate any suggestion to reverse this process and regain control of the WEB GUI.

dicko · October 5, 2024, 5:09pm

and https://xxx.xxx.xxx.xxx/admin/ ?

CharlotteInternet · October 5, 2024, 5:24pm

Hi dicko - I tried both https://xxx.xxx.xxx.xxx/admin and http://xxx.xxx.xxx.xxx/admin - both give same results.

dicko · October 5, 2024, 5:28pm

ls -l /etc/apache2/sites-enabled/
ls -l /etc/apache2/sites-available/

?

CharlotteInternet · October 5, 2024, 6:02pm

root@two:~# ls -l /etc/apache2/sites-enabled/
total 0
lrwxrwxrwx 1 root root 31 Oct 2 13:34 freepbx.conf → …/sites-available/freepbx.conf
lrwxrwxrwx 1 root root 31 Oct 4 18:04 sangoma.conf → …/sites-available/sangoma.conf
root@two:~# ls -l /etc/apache2/sites-available/
total 20
-rw-r–r-- 1 root root 1286 Jul 7 09:26 000-default.conf
-rw-r–r-- 1 root root 6195 Jul 18 01:26 default-ssl.conf
-rwxr-xr-x 1 asterisk asterisk 1337 Sep 23 09:00 freepbx.conf
-rw-r–r-- 1 root root 3222 Oct 5 09:36 sangoma.conf

dicko · October 5, 2024, 6:06pm

grep ssl -ir /etc/apache2/sites-enabled/*
?

CharlotteInternet · October 5, 2024, 6:10pm

root@two:~# grep ssl -ir /etc/apache2/sites-enabled/*
root@two:~#

results

dicko · October 5, 2024, 6:16pm

Check your work,
you need both a defined

SSLCertificateFile
and
SSLCertificateKeyFile

for SSL to work
You might try unlinking …/sites-eanbled/sangoma.conf and reloading apache2 to see if http:// works again.

CharlotteInternet · October 5, 2024, 6:25pm

Thanks - how do I unlink …/site-enabled/sangoma.conf ? I tried looking for wiki steps.

dicko · October 5, 2024, 6:32pm

rm /etc/apache2/sites-enabled/sangoma.conf ; apache2 -t; systemctl restart apache2; apache2 -t

CharlotteInternet · October 5, 2024, 6:49pm

Thanks - I used the following commands
root@two:~#rm /etc/apache2/sites-enabled/sangoma.conf
root@two:~#
root@two:~#service restart apache2
root@two:~#
and I’m back in the gui. Thanks - I’ll do a better job turning on the SSL.

tmittelstaedt · October 5, 2024, 9:09pm

letsencrypt won’t issue a certificate on an IP address. It has to be a real dns name

system · October 12, 2024, 9:09pm

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.