I have been using the UCP for text messages from external IPs for years. My FreePBX 15.0.23 is fully updated…
Now it forces my UCP access to HTTPS, despite this being disabled in the system settings. I have no cert installed and can not use Let’s Encrypt, as I can not use port 80.
There are other ways to install Let’s Encrypt certs, but this is not the right place to go through the options.
In case it’s mainly for local usage, I like to use the mkcert go package for quick & dirty work, which basically installs a self signed CA + certs and installs the certs in the local trust store.
Getting a cert using DNS-01 does not need to be run on any particular device or feom any particular ip, it just needs you to have control over your name-server’s records.
For example
Has scripts for over 100 DNS services.
A simple post install hook script and you would be good to go.
Thanks for all your help. I now have Let’s Encrypt running. Even the HTTP to HTTPS redirection (on a different port) works fine.
The only issue I have not solved yet is that on one client (mine) when I go my UCP with HTTP on the HTTP port, Chrome uses HTTPS instead and of cause does not get a proper cert on the HTTP port. This was my original problem. I believe this has nothing to do with my FreePBX settings. It also happens, if I do not force HTTPS and it happens without changing the port.
That’s unclear, if your webserver is redirecting http to https, it would be a good idea redirect everything from your $SERVER_NAME, for apache2 something like
RewriteEngine on
RewriteCond %{SERVER_NAME} =your.url
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
and of course the same cert would be served to any client. Of course IP addressed connections will no longer be honored.