Verification Timeout on FreePBX

Over the past week, I started getting alerts that my Let’s Encrypt certificate is expiring on my FreePBX server which is odd because I’d been relying on auto renewals for a while. I started digging in and realized that the verification was timing out. As for process of elimination, I:

  • disabled the firewall,
  • checked that I can access a test file in the acme-challenge directory from the browser
  • checked that the token is appearing in the directory during the verification process
  • checked the access_log to verify that the Let’s Encrypt validation servers are indeed able to reach the challenge token and receive a 200 response

At this point, I’m not sure what else to do. Is anyone else having this issue?

1 Like

@rypecan , welcome to the community!

What does the ACME client log file contain about reason of the verification failure reported by the Letsencrypt server?
(You did not fill up the questioner originally presented at opening of the topic. It would help to provide better support.)

4 Likes

How many requests did you see in your access log?

Because Let's Encrypt recently added 2 validation centers outside the USA. You should be seeing at least 4 and probably 5 "200" responses for a successful challenge.

You might want to review this topic. I know the title says "during April" but it really should say "starting April"

4 Likes

Thank you, @MikeMcQ! I blocking most traffic outside of the USA which caused the issue. I didn't realize some validation was outside of the USA.

5 Likes

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.