You will have to look at the code or tease it out by toggling options one by one.
↧
Where are conference bridge configs stored?
↧
Where are conference bridge configs stored?
↧
↧
Where are conference bridge configs stored?
Thanks.
↧
Can't activate commercial module
This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.
↧
Call hung up, cause:busy
I am trying to web call using freepbx and asterisk, but outgoing call always hung up by saying it’s busy. There are no errors in asterisk log. It happens after updating the SSL certificate, before that the call was working. Please let me know what can be the possible cause? and also, if you need any additional information. I have attached the screenshot of call log :
↧
↧
Let's Encrypt renewal - Token did not match
I have this problem currently. Looking to see if anything has been found to fix the issue.
FWIW, I found a nicely detailed answer[1], but it did not resolve my ‘Token did not match’ problem.
[1] See @invdrv’s answer to LetsEncrypt update error
↧
Root password default
This topic was automatically closed 365 days after the last reply. New replies are no longer allowed.
↧
LetsEncrypt 'Token did not match'
Please note that this topic is not a duplicate of the other similar posts I could find. This is a ‘Token did not match’ failure, not a “Token unavailable…” error.
On the Dashboard I get a message:
Security Issue
Some Certificates are expiring or have expired
This is a critical issue and should be resolved urgently
When I go to Admin > Certificate Management and click on the Edit button for the default certificate (which is of type “Let’s Encrypt”), I get the “Edit Let’s Encrypt Certificate” page with a green “Firewall Validated” message. So far, so good.
Unfortunately, when I click on the “Update Certificate” button, I get the message:
There was an error updating the certificate: Error ‘Token did not match’ when requesting http://pbx.survivalflightinc.com//.freepbx-known/b5b701f4cfe5db1ae8c888895008c1fe
Our VPS is hosted on freepbxhosting.com, so I am certain that there is no “other firewall” blocking LetsEncrypt access. In addition. I have verified that I can fetch/wget the URL (you can too!) which returns the token: c9da31faa9f07d6160a7eb53b1b022d0
I am a tiny bit concerned that the URI is malformed (there should not be a double slash just before .freepbx-known, but that does not seem to be the issue with the failure to update the certificate since a token is returned.
What I don’t understand is how the token could have changed, either on our VPS or at Let’s Encrypt.
I did try the fix that was outlined by @invdrv here. But that didn’t affect the problem either way.
Does anyone who understands how FreePBX/Asterisk issues the Let’s Encrypt update request? How could the default configured token fail to match?
Has anyone else come across this problem?
I’m about to delete the default certificate and see if I can get the system to generate a new Let’s Encrypt certificate from scratch, but I’m a little reluctant to make that change and risk losing my connection to our FreePBX image.
Thanks in advance for any suggestions.
-Mark
↧
LetsEncrypt 'Token did not match'
https://www.sslshopper.com/ssl-checker.html#hostname=pbx.survivalflightinc.com
You should probably revoke the cert you got from Digital Signature Trust Co.and the one you got from LetsEncrypt , then have one or the other reissue cleanly
↧
↧
Transfer to VM REST-API does not accept direct extension entry
Did you ever get a resolution on this? I am still seeing the behavior on S505’s with latest firmware in August 2019.
↧
Sangoma Sipstation trunks
This topic was automatically closed 365 days after the last reply. New replies are no longer allowed.
↧
LetsEncrypt 'Token did not match'
@dicko, THANK YOU for the quick response, and for that awesome link to sslshopper. I have not seen that before.
Unfortunately, the link you included above shows that the certificate is as good as it gets. Everything is green, and the cert was issued by Let’s Encrypt. Woo hoo!
I’m not certain how I could revoke the certificate issued by Let’s Encrypt to us, and I’m 100% certain nobody would like it if I could somehow revoke the certificate issued from Digital Signature Trust Co. to Let’s Encrypt. 
But, eitherway, it wouldn’t address the two concerns I have,
-
Why/how did the token that FreePBX is serving up stop matching the token Let’s Encrypt is expecting to find?
![:man_shrugging:]( ":man_shrugging:")
-
Does anyone know if my FreePBX control panel will become unaccessible if I Delete the existing Let’s Encrypt certificate on the Certificate Management screen?
I really don’t want to loose access while trying to fix this bizarre issue with the FreePBX <–> Let’s Encrypt configuration.
↧
LetsEncrypt 'Token did not match'
Well, I’ve been spelunking in the code for FreePBX/certman.
I still don’t know what’s causing the failure, but I can see that a new Let’s Encrypt certificate is requested iff (a) there is no existing certificate or (b) the existing certificate will expire in less than 30 days. (see lines 612-626 of Console/Certman.class.php)
If (a) or (b) is true, two things happen:
-
a new file is created at
/var/www/html/.freepbx-known/<value-of-token>where<value-of-token>is the random 32-hexet ASCII string generated by$token = bin2hex(openssl_random_pseudo_bytes(16)), and -
a GET request is made to http://mirror1.freepbx.org/lechecker.php with
host=pbx.acme.org&path=/.freepbx-known/<value-of-token>&token=<value-of-token>&type=httpusing an instance of PestJSON (see lines 637 to 642)
I have not found the source to lechecker.php (yet), so I’m not sure what kind of magic is being performed over at mirror1.freepbx.org on our behalf. But, I can see in the /var/log/httpd/access_log on my FreePBX VPS that it causes an request to be generated back to the URL: http://pbx.acme.org/.freepbx-known/<value-of-token>
By trying wget -qO - 'http://mirror1.freepbx.org/lechecker.php?host=pbx.survivalflightinc.com&path=/.freepbx-known/c9da31faa9f07d6160a7eb53b1b022d0&token=c9da31faa9f07d6160a7eb53b1b022d0&type=http' I can see that lechecker.php returns {"status":false,"message":"Token did not match"} (BTW, the GET request to lechecker.php must be issued from the same IP as host resolves to or else lechecker.php will return an error.)
Yet a plain wget -qO - 'http://pbx.survivalflightinc.com/.freepbx-known/c9da31faa9f07d6160a7eb53b1b022d0' returns c9da31faa9f07d6160a7eb53b1b022d0
For some reason, the token matches when I wget it, but not when lechecker.php does.
Still scratching my head…
↧
↧
How do I change my password for these forums?
There is no option in the account settings, or a “forgotten password” option.
I also logged in on freepbx.org but I only get a blank page.
↧
Reset feature codes for extension to default
If I have a user with a S500, and they’ve set a number of feature codes on or off for their handset.
How can I reset all feature codes to default settings for that extension?
Example, we have a receptionist, with very long nails, who has time and again, set or changed feature codes while working. After which we need to walk thru feature codes and set them back to defaults, is there a quick fashion to do this?
Thank you,
↧
Serious Development Question
I’m not confident that Sangoma can get anything done with FreePBX at this point.
FreePBX 15 has been stalled as mentioned.
CentOS 8 is coming out soon and Sangoma should already be working on that. But we know that they are not.
Nothing at all is being done on PHP7 other than asking the community to beat on it. CentOS 8 will ship with PHP7.2 last I read.
Apache… Gods the old. This has already been beat on here.
The entire line about only knowing things from tickets. That is absolute BS. It is simply Sangoma shifting blame to us. Bug reports are totally unsearchable in any intelligible fashion. If they were, they would be in the Google results. But those are always community posts. So that is where people post.
If Sangoma only wants their people to work off of tickets, well then hire a community rep whose job is to be here in the community and get valid posts with issues turned into tickets. Also the ticket submission form is horrible anyway. I’m sure plenty of things never get made because no one wants to wade through it.
That brings the subject to commercial modules. Even if someone takes the time to post an actual issue that turns out to be a commercial module, what happens? Sanbgoma closes the ticket with a big smeg off. Saying to go do it all again on this super convoluted process within your Sangoma portal instead. What? WTF?
Yeah, this is all my point of view, but these are all pretty generic points.
↧
Serious Development Question
This always. The help I have received in the community from employees in the commnity lik @lgaetz has been great.
I always try to push my solutions back for other to gain the benefit of my progress through an issue.
↧
↧
Make call and play sound from external system
Well adding a custom file to the outgoing folder works but is not really great in my opinion. I would like to use a default service for this. But if I understand you correctly there is no service from FreePBX or Asterisk that we could use to do this?
↧
Reset feature codes for extension to default
What are those feature codes?
Also, always add passwords on Time Conditions and Call Flow Controls.
↧
IAX local extensions not regster
I am not using firewall module at all. And both PBX and IAX extension in the same network.
↧