UCP using old SSL Cert for 8003 but uses current one everywhere else

I’m getting the dreaded “xhr poll error” constantly when using UCP. When I look at the cert when at the UCP dashboard, it uses the correct cert. However, when I look at the console, I see a bunch of errors like this,

Failed to load resource: net::ERR_CERT_DATE_INVALID

The URL that shows is:
Privacy error ([DOMAIN].com)

When I inspect the above page and look at the cert, it indicates it’s using a cert for the correct host/domain but it’s showing an issue date of 2-10-22 and expires on 05-28-2022. The current cert dates are 05-31-2022 and 05-31-2023 respectively.

I found where the correct cert info is located, which is /etc/asterisk/keys/pbx.crt

I noticed that there were settings in Advanced Settings pointing to a file located at /etc/httpd/pki/webserver.crt and /etc/httpd/pki/webserver.key.

These files were not the same as the pbx.crt and pbx.key.

I changed the settings to the pbx.key/crt for the following:
HTTPS TLS Certificate Location
HTTPS TLS Private Key Location
NodeJS HTTPS TLS Certificate Location
NodeJS HTTPS TLS Private Key Location

All of the above were pointing to /etc/httpd/pki/webserver.crt/key

After saving those changes, I restarted the httpd service and tried to reload the page but it’s still pointing to the cert that expired in 2022. I tried a different browser to make sure it didn’t cache the old cert and same issue.

It looks like it was the Node server that continued to use the old certs. They were located in the folder /etc/asterisk/keys/integrations and I replaced the webserver.crt and the webserver.key with the pbx.crt and pbx.key located in the etc/asterisk/keys folder. I restarted the server and now I’m no longer getting the polling errors.

1 Like

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.