This issue stated above resulted in a lock out. I reinstalled the system, double check DNS resolver settings on pfSense, import the SSL certificate into FreePBX and have Apache using it; yet, it not resolving and resulted in timeout connection in the browser (Firefox).. I not sure what else to do.
Hi @NolliPBX
Have you tried to check and verify your SSL certificate first on your server CLI ?
openssl s_client -connect pbx-fqdn.net:PORT
If everything good and well you should see : Verify return code: 0 (ok) Answer on your CLI terminal.
Thanks.
Shahn
Hello Shahn,
It seems that there are problems…I get what appears half-right, half timeout so unable to verify. Not sure what all that means and why. Are there any ideas?
depth=0 CN = nollivoipserver.nollicomm.net
verify error:num=20:unable to get local issuer certificate
verify return:1
depth=0 CN = nollivoipserver.nollicomm.net
verify error:num=21:unable to verify the first certificate
verify return:1
Certificate chain
0 s:/CN=nollivoipserver.nollicomm.net
i:/C=US/O=Let’s Encrypt/CN=R3
I can suggest you to make checks:
1- Check updates for certman module.
2- try again to import your SSL Certificate in.
3- Check you SSL Certificate permissions ( r,w,x) should be ( 0600 → -rw------- /etc/asterisk/keys )
Shahin
Yes Shahin, but also it was my fault. I forgot to paste the CA into FreePBX. It will take a few days to fix since it took me on a wild goose chase diagnosing while other work projects got neglected. Hope the firewall doesn’t get finicky again and lock me out when I do the fix.
This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.