apparently my certificate was uptated, I restart my pbx but im still having the old certificated I have this message on my dash “Some SSL/TLS Certificates have been automatically updated. You may need to ensure all services have the correctly update certificate by restarting PBX services”
how i can fix this?
Thanks in advance…
You have to manually clear it.
How I can clear the old certificate?
Clear the error on the dashboard.
Thats not a Real solution, thats just the notification, the problem is if I check the certificate on the browser have the old one, not the new one.
- FreePBX lied to you about the certificate being updated.
- Your browser cached the certificate and has not yet pulled the new one.
I’ve never seen #1
I have the same issue. FreePBX Let’s Encrypt Module shows that it updated the cert:
But after restarting everything and even clearing the browser certs, still shows old cert:
This is what i did to fix it, The firewall was blocking the renew, so i just disable the firewall delete the certificated, generate a new one and add it or installed on system admin.
I also force to use https with this:
I added the following to /etc/httpd/conf.d/freepbx.conf :
<VirtualHost :80>
RewriteEngine on
RewriteCond %{HTTPS} !=on [NC]
RewriteRule ^/admin(.)$ https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
</VirtualHost>
and restart httpd:
sudo systemctl status httpd.service
This helps me to update my certificate and force to use https:
I hope this works for you guys as well.
Quick vid showing how to config the FreePBX firewall to allow renewal:
There is also a ticket being worked now for new features around renewal.
Do you have a link to that ticket? I’d like to keep track of how you all are dealing with the LE changes.
Thanks!
Hi Brian.
There maybe a public facing ticket, but the bulk of the work is being done on an internal one that is not public.
edit - previous edit deleted, too soon.
This topic was automatically closed 31 days after the last reply. New replies are no longer allowed.