New freePBX 17 install script installed PBXact not FreePBX

Hi There,

I just used this script 5 days ago and the user interface I ended up with was PBXact.

I ran the following on a fresh Debian 12 install on google cloud instance.

wget https://github.com/FreePBX/sng_freepbx_debian_install/raw/master/sng_freepbx_debian_install.sh -O /tmp/sng_freepbx_debian_install.sh

and it installed - PBXact 17.0.19.25

Is this by design?

Thanks.

That seems…odd. I will do a test install today…this should not be happening…as far as I know…

So you get the PBXact branding, but I assume, no associated PBXact licensing?

Weird, but you might be able to fix it by fwconsole ma delete oembranding

I am testing as we speak. I am just running the FreePBX 17 install script, and then I will report back. Just want to see if I can reproduce it.

I cannot reproduce it:


That is a Fresh install of Debian 12.10, and a full install of FreePBX using the newest script from GitHub, and all is well:

Hi There,

Yes it has all the OEM branding of PBXact and correct that the licensing is a bit weird.

I can send you the deployment ID if that helps via direct message? I also can’t see the deployment in my sangoma portal so not sure which user it registered against.

I followed the instructions from here: https://sangomakb.atlassian.net/wiki/spaces/FP/pages/230326391/FreePBX+17+Installation

I have the install log file as well if that would help?

I can restart from a new clean install if need be but I have put a reasoinable amount of time into configuration to date so would be a bit annoying if this is what you recommend.

I ran this command it has correctly changed everything over to “FreePBX” branding instead of “PBXact”.

This is what my System Admin looks like after running:

fwconsole ma delete oembranding

However I can not Change Owner. I get the following error when I click on the change owner button.

Jackpot! Looks like you managed to get a deployment ID that has PBXact licensing already applied to it (how?) and along with it, a whole lot of commercial modules :slight_smile:

Since it shows 60 extension licenses this ID was probably connected to a 60-user PBXact appliance.

Open a support ticket.

Sorry for the naive question but how do I open a support ticket?

Thank you!

Was this issue resolved for you @PDANZ ?

I think it will be. I am waiting on my account to be enabled in the Sangoma support portal to then be able to log a ticket. I am still waiting some 10 days later for Sangoma to accept my request to create an account at which point I should be able to log a support ticket.

Ok, so I had a crack at deactivating the system to try and then reactivate the system as per this thread:

But now I get this error:

Activation Error!

Unable to display activation page. Error returned was:

OpenSSL/3.0.16: error:0A00018A:SSL routines::dh key too small

So now I am really stuck.

Any advice on how to fix this?

Use a browser that meets modern security requirements, although it is probably possible to get OpenSSL to relax its security checks.

It appears to be saying that that you are making it too easy for an attacker to find the session key.

How did you generate the certificate?

Currently you can, it’s much harder in 3.x than previous versions because all indications are pointing to by 4.x the ability to use insecure and outdated encryption will be removed.

The error/warning is thrown when a cert was generated with less than 2048 bit encryption. Doing the old standard of 1024 will cause this error to be thrown.

Edit: Since we’re talking about TLS this should also be kept in mind: TLS Certificate Lifetimes Will Officially Reduce to 47 Days | DigiCert

This issue has been around for a long time.

The problem isn’t with FreePBX, it’s with Sangoma’s server, which seems to be obsolete and hasn’t yet gotten an upgrade to modern security standards.

The FreePBX developers know this and hacked around it in the FreePBX 17 installer by adding this to the /etc/ssl/openssl.cnf file:

# FreePBX 17 changes - begin
[ default_conf ]
ssl_conf = ssl_sect
[ssl_sect]
system_default = system_default_sect
[system_default_sect]
MinProtocol = TLSv1.2
CipherString = DEFAULT:@SECLEVEL=1
# FreePBX 17 changes - end

Did you make some change to openssl that would undo the install script’s workaround?