Certificate Failure Freepbx

Our cert is no longer updating. I deleted and tried to obtain a new one and resulted in same error that we get when it tries to update. See below:

There was an error updating the certificate: Error ‘Requested host ‘pbx.morrisette.com’ does not resolve to ‘our public IP’’ when requesting http://pbx.morrisette.com//.freepbx-known/7305d453fd60f92f2cc0690dd212ae1c

The public IP it tries to resolve to is not the one it needs to resolve to. Our public pbx ip is not listed in that message. Also curious about the double slash after domain.

Hi @Cothirteen,

Right now, that address seems to resolve to 40.130.71.46. Is that the correct IP address for your public IP address? Did you start using a CDN between when you previously obtained a certificate and now?

What software and command are you trying to use to obtain the certificate?

It seems that the host is sitting behind the Clodflare but previously wasn’t. Especially if that “our public IP” was expected to begin with 166.62.

Now I am getting this “There was an error updating the certificate: Error ‘Requested ‘http://pbx.morrisette.com//.freepbx-known/a62d814aba5bff64250ce6db9922b2b8’ - couldn’t connect to host’ when requesting http://pbx.morrisette.com//.freepbx-known/a62d814aba5bff64250ce6db9922b2b8

I am using the cert creator within Free PBX

And yes that is the correct address it should resolve to. Previously it was resolving to a different one

Ya know, I believe you are correct. The public address is in the DNS list. Is there something I may be missing?

Well, I can’t connect to any HTTP service on 40.130.71.46 at all (with a browser or curl). I don’t know anything about FreePBX, so I don’t know if it’s supposed to run a web server for you or if you’re supposed to run your own web server or what, but I also can’t connect there. Somehow, the certificate authority will need to connect to a web server there in order to prove your control over the domain name.

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.