Unable to generate a Let's Encrypt Certificate

PBX Firmware: 10.13.66-14
Certificate Manager 13.0.34

we get the following error when attempting to get a Let’s Encrypt Certificate (i have blanked out the subdomain)

There was an error updating the certificate: Please check http://xxxxxx.bkss.net/.well-known/acme-challenge/SI89c_U2u8HrGIKl_2FNn86y48FytLg2l13aA3EnF70 - token not available

i have tried deleting the /etc/asterisk/keys/_accounts directory and have verified that the firewall is properly configured. any help is greatly appreciated.

This means Let’s Encrypt could not find that URL.

i hear ya, but i can access the pbx using the url as can people in california and brazil and southeast asia

Unfortunately Let’s Encrypt is unable to access the URL.

Do you have Admin on 80?

PM me the address for the token URL

Your URL works. I just generated a Let’s Encrypt Certificate through FreePBX and everything was fine.

At this point you’d be best to try it all manually

1 Like

I have the same issue. Just a question… Does the PBX need to be able the resolve and load the token URL?

It seems when I request the certificate, the fail response is returned very quickly and makes me think that the failing has something to do with “local” URL resolution rather than “LetsEncrypt” URL resolution?

With thanks

Logical Solutions

You need to read the error, and fix it. The error actually tells you what the problem is.

1 Like

I had this issue. I could see the request for that URL coming through my pfSense firewall, but it wasn’t coming from a LetsEncrypt mirror.

In Admin->System Admin->Hostname I put in the hostname that LetsEncrypt was trying to find and voila everything worked.

I tried every iteration of firewall configuration in FreePBX, but that was the final piece needed to make it work.