Some Certificates are Expiring

vaibhav · July 26, 2020, 2:46am

I’m seeing 2 errors in FreePBX Dashboard – screenshot attached.

My freepbx portals’s SSL certificate shows expiring in Oct 2020, so that’s fine.

I’m unable to understand what the issue is & which PBX Services do I need to restart? the whole server as in reboot or something else?

Thanks

jerrm · July 26, 2020, 8:23am

LetsEncrypt updates are currently broken if the firewall is enabled. See the threa Firewall keep getting disable.

Short term workaround would be to manually update the cert and hope it’s fixed before the cert is set to renew again in 60 days.

From the console run the following:

rm -f /var/spool/asterisk/tmp/le*
fwconsole firewall disable
fwconsole certificates --updateall
fwconsole firewall lerules disable
fwconsole firewall start

PitzKey · July 26, 2020, 10:47pm

https://wiki.freepbx.org/pages/viewpage.action?pageId=37912685

Something is missing here

jerrm · July 26, 2020, 10:54pm

Corrected.

computertechs · July 27, 2020, 2:04am

One more typo fix, the command to start the firewall is

fwconsole firewall start

(not enable)

jerrm · July 27, 2020, 3:50am

I reaaaaalllly shouldn’t post at 3am.

Usually the lerules disable will go ahead and start the firewall, but not 100% reliably.

Pretty much nothing about the FreePBX firewall is reliable though. I’ve never used it in production, but the more I test things the less confidence I have in it.

vaibhav · July 27, 2020, 3:57am

Couple of interesting updates and the reason why I posted this question.

Inspite of the certificate expired warning provided by FreePBX via Email & Dashboard, I see my server’s domain’s certificate is renewed correctly. Is there any other certificate that is not renewed?
The firewall module of FreePBX shows firewall status as enabled. I have not manually enabled it in the last few months.

image1142×541 53.5 KB

If my certificate is updated correctly, then why the error warning. If FreePBX is broken for LE certificate, then why is mine working fine

Nevertheless, I disabled and started the firewall but I see no difference in the warnings on the dashboard. Totally confused!

jerrm · July 27, 2020, 4:35am

Once the warnings are there, they won’t go away until you clear it.

If you don’t want to use the FreePBX firewall and know what you are doing, then disable or uninstall from the Module Admin page, otherwise it tends to rise from the grave.

vaibhav · July 27, 2020, 4:48am

ah! I thought the warning will go away after the issue is resolved. That explains all. Thanks.

system · August 27, 2020, 5:03am

This topic was automatically closed 31 days after the last reply. New replies are no longer allowed.