So I read the Recent reports of ARI exploit on FreePBX systems and changed the ARI username and password, but after restart of the system (yes, I did fwconsole r and fwconsole restart, but also rebooted the whole system), I get an error in FreePBX (under Asterisk Info, section Channels: The Asterisk REST Interface is not able to connect please check configuration in advanced settings.
Any idea how to solve this?
P. S. in file /etc/asterisk/ari_additional.conf I can see my newly generated user ( generated with fwconsole setting FPBX_ARI_USER <15-char-rnd-string>).
P. S. 2: When I changed FPBX_ARI_USER and FPBX_ARI_PASSWORD, everything started working back… so it seems there is some configuration change missing somewhere.
I had the same issue and then realized I missed the “alphanumeric” requirement in the name and password.
I replaced all special characters with alphanumeric characters and set the new username and password. Everything worked like normal after the restart - no more “…Asterisk REST Interface is not able to connect…” error.
Wow, that was actually the case. I had some special characters, like . - _ in password (!) (not the username), and it broke everything. Now it is working.
Please be more specific for this, as in FreePBX. The ARI password in Asterisk doesn’t have silly limitations like this. So Asterisk allows for it but again the method being used is FreePBX’s method.
See, you can generate ARI passwords with special characters and it works just fine.
hvs01-west*CLI> ari mkpasswd Gfju%(459GnxyA!@+
; Copy the following two lines into ari.conf
password_format = crypt
password = $6$J05vwerfD/q0d2w3$klTL2zuDC8YNGUyD1qeDztviYws2wpCU8/..0MSX5FOjiTMKBpaZ.iooZNjBYjL3E9RQSjvHfGXrUMY9pahZZ1