bksales
(bksales)
September 19, 2016, 10:30pm
1
running
PBX Firmware: 10.13.66-14
FreePBX 13.0.188.8
Certificate Manager 13.0.34
we get the following error when attempting to get a Let’s Encrypt Certificate (i have blanked out the subdomain)
There was an error updating the certificate: Please check http://xxxxxx.bkss.net/.well-known/acme-challenge/SI89c_U2u8HrGIKl_2FNn86y48FytLg2l13aA3EnF70 - token not available
i have tried deleting the /etc/asterisk/keys/_accounts directory and have verified that the firewall is properly configured. any help is greatly appreciated.
tm1000
(Andrew Nagy)
September 19, 2016, 10:41pm
2
This means Let’s Encrypt could not find that URL.
bksales
(bksales)
September 19, 2016, 10:47pm
3
i hear ya, but i can access the pbx using the url as can people in california and brazil and southeast asia
tm1000
(Andrew Nagy)
September 19, 2016, 11:06pm
4
Unfortunately Let’s Encrypt is unable to access the URL.
Do you have Admin on 80?
PM me the address for the token URL
tm1000
(Andrew Nagy)
September 20, 2016, 2:12pm
5
Your URL works. I just generated a Let’s Encrypt Certificate through FreePBX and everything was fine.
At this point you’d be best to try it all manually
1 Like
255
January 31, 2017, 6:59pm
6
I have the same issue. Just a question… Does the PBX need to be able the resolve and load the token URL?
It seems when I request the certificate, the fail response is returned very quickly and makes me think that the failing has something to do with “local” URL resolution rather than “LetsEncrypt” URL resolution?
With thanks
Logical Solutions
xrobau
(Rob Thomas)
January 31, 2017, 8:18pm
7
You need to read the error, and fix it. The error actually tells you what the problem is.
1 Like
jpaquin
(Jacques Paquin)
June 7, 2018, 6:05pm
8
I had this issue. I could see the request for that URL coming through my pfSense firewall, but it wasn’t coming from a LetsEncrypt mirror.
In Admin->System Admin->Hostname I put in the hostname that LetsEncrypt was trying to find and voila everything worked.
I tried every iteration of firewall configuration in FreePBX, but that was the final piece needed to make it work.