Let's Encrypt issue after upgrade to 2.4.0-5

VitalPBX Community Support General Discussion Let's Encrypt issue after upgrade to 2.4.0-5

Up
0
Down
  • Post
    TheG-Man
    Participant

    Hello,

    Let’s Encrypt cert stopped renewing after I upgraded to 2.4.0-5.

    When I click update on certificate, I get the attached error.

    I tried disabling firewall and it didn’t seem to correct the issue.

    Thanks!

    -G.

    0
Viewing 15 replies - 1 through 15 (of 28 total)
  • Replies
    mo10
    Participant

    Just tried it here. Same problem.

    0

    I think this is something related to let’s encrypt server, due, in this version of VitalPBX, nothing has changed on Let’s encrypt library.

    0

    Try the following, enable the access of your PBX through HTTP (Port 80), then, delete the let’s encrypt certificate, and create it again. 

    0
    TheG-Man
    Participant

    @ing-joserivera26

    Recreating certificate from scratch worked.

     

    0
    mo10
    Participant

    Would auto renewal usually work on time? A few days before expire?

    Thanks

    0
    TheG-Man
    Participant

    @mo10

    Yes, and if it can’t renew Let’s encrypt will send you email saying that your cert will expire in x days.

     

    0
    mo10
    Participant
    Posted by: @ing-joserivera26

    Try the following, enable the access of your PBX through HTTP (Port 80), then, delete the let’s encrypt certificate, and create it again. 

    Did not work for me:
    valid until 1970-01-01

    0
    TheG-Man
    Participant

    @mo10

    Are you sure you are not blocking it with firewall?

    Try running

    systemctl stop firewalld

    from console and try adding cert again.

     

    0
    Posted by: @mo10
    Posted by: @ing-joserivera26

    Try the following, enable the access of your PBX through HTTP (Port 80), then, delete the let’s encrypt certificate, and create it again. 

    Did not work for me:
    valid until 1970-01-01

    Did you get some error on the web UI when trying to regenerate the certificate?

    0
    mo10
    Participant

    @ing-joserivera26

    Nope, no error.

     

    0

    Try executing this script on the Linux console

    /usr/share/ombutel/scripts/lets_encrypt

    Let me know if you get some output.

    Make sure you have enabled the access to your PBX trough the port 80

    0
    mo10
    Participant

    @ing-joserivera26

    Nothing happens.

    [root@vitalpbx ~]# /usr/share/ombutel/scripts/lets_encrypt
    [root@vitalpbx ~]# /usr/share/ombutel/scripts/lets_encrypt
    [root@vitalpbx ~]# /usr/share/ombutel/scripts/lets_encrypt

    Before deleting the Cert this showed up:

    [root@vitalpbx ~]# /usr/share/ombutel/scripts/lets_encrypt
    CertCron: Invalid response
    header: HTTP/1.1 404 Not Found
    Server: nginx
    Date: Wed, 19 Feb 2020 22:00:41 GMT
    Content-Type: application/problem+json
    Content-Length: 111
    Connection: keep-alive
    Cache-Control: public, max-age=0, no-cache
    Link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"


    body: {
    "type": "urn:ietf:params:acme:error:malformed",
    "detail": "No order for ID 1807638746",
    "status": 404

     

    0
    mo10
    Participant
    Posted by: @theg-man

    @mo10

    Are you sure you are not blocking it with firewall?

    Try running

    systemctl stop firewalld

    from console and try adding cert again.

     

    Wow, this helped. Thanks. How is that possible?!

    Maybe because of Geo-Firewall?

    0
    TheG-Man
    Participant

    @mo10

    It could be. Can’t tell. Had a similar issue where I couldn’t update because of firewall and @giovanni-v suggested disabling firewall in console.

     

    0
    mo10
    Participant
    Posted by: @mo10
    Posted by: @theg-man

    @mo10

    Are you sure you are not blocking it with firewall?

    Try running

    systemctl stop firewalld

    from console and try adding cert again.

     

    Wow, this helped. Thanks. How is that possible?!

    Maybe because of Geo-Firewall?

    @ing-joserivera26

    Please Check! Thank you.

     

    0
Viewing 15 replies - 1 through 15 (of 28 total)

Tagged: 

  • You must be logged in to reply to this topic.