Uploaded image for project: 'FreePBX'
  1. FreePBX
  2. FREEPBX-21570

SangomaCRM REST API does not use the OS's trusted CA store

    XMLWordPrintable

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Minor
    • Resolution: Commercial
    • Affects Version/s: None
    • Fix Version/s: None
    • Component/s: Sangoma CRM
    • Labels:
      None
    • ToDo:
    • Asterisk Version:
      13.32.2
    • Distro:
      FreePBX Distro

      Description

      After the Sectigo certificate expiry described here, my webhooks to a destination using one of those certificates began failing. I removed the problematic certificate from the destination, and everything now looks good when running curl or openssl from the console, however /var/log/asterisk/sangomacrm.log still shows:

      RestAPI: HTTP Post Received Response="cURL error 60: Peer's Certificate issuer is not recognized." [] []

      This leads me to believe it is looking at a different certificate store to get its trusted CAs than the OS or curl or openssl run from the command line, since they work fine with the new CA certificate.

        Gliffy Diagrams

          Attachments

            Activity

              People

              • Assignee:
                Unassigned
                Reporter:
                stratum stratum
              • Votes:
                0 Vote for this issue
                Watchers:
                3 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved:

                  NextupJiraPlusStatus

                  Error rendering 'slack.nextup.jira:nextup-jira-plus-status'. Please contact your Jira administrators.