Uploaded image for project: 'FreePBX'
  1. FreePBX
  2. FREEPBX-23632

Asterisk mini-http server not using new certs after LetsEncrypt renewal

    XMLWordPrintable

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Minor
    • Resolution: No Feedback
    • Affects Version/s: 16
    • Fix Version/s: None
    • Component/s: Certificate Manager
    • Labels:
      None
    • Asterisk Version:
      18.6.0
    • Distro Version:
      16.0.21.3
    • Distro:
      FreePBX Distro

      Description

      When certificate manager updates automatically with new certificates from LetsEncrypt, the FreePBX website updates (443) fine without any intervention. But the mini-http server running on port 8089 continues to use the old, expired certificate. This causes all WebRTC connections to fail until Asterisk is restarted (because it uses wss).

      It's required to hit Apply Config on the UI to fix it, but in my opinion, it should be automated since managing multiple deployments and requiring to restart manually for each of them isn't a very scalable solution. Also, it becomes a mission critical issue for Web clients since there is no other alternative except depend on the wss socket.

        Gliffy Diagrams

          Attachments

            Issue Links

              Activity

                People

                • Assignee:
                  fdanard Franck Danard
                  Reporter:
                  ShortFuse United States
                • Votes:
                  2 Vote for this issue
                  Watchers:
                  6 Start watching this issue

                  Dates

                  • Created:
                    Updated:
                    Feedback Requested:

                    NextupJiraPlusStatus

                    Error rendering 'slack.nextup.jira:nextup-jira-plus-status'. Please contact your Jira administrators.