Let's Encrypt Renewal Issues

theashes · November 13, 2024, 3:12am

Had issues with the Let’s Encrypt renewal so deleted the certificate and have tried to recreate but get the below issue:

Exception: Invalid response header: HTTP/2 403 server: nginx date: Tue, 12 Nov 2024 20:44:25 GMT content-type: application/problem+json content-length: 145 boulder-requester: 2053159847 cache-control: public, max-age=0, no-cache link: ;rel=“index” replay-nonce: qZ7aiiUHK98IkEL18i1IePEGUWIPD6YGcVOojXixbghHx0E6O6Q body: { “type”: “urn:ietf:params:acme:error:unauthorized”, “detail”: “User account ID doesn’t match account ID in authorization”, “status”: 403 }-#0 /usr/share/vitalpbx/www/modules/certificates/certificates.php(0): modules\certificates\Types\LetsEncrypt->build() #1 /usr/share/vitalpbx/www/includes/app/Core.php(0): modules\certificates\certificates->put() #2 /usr/share/vitalpbx/www/includes/app/Core.php(0): app\Core->loadModuleAction() #3 /usr/share/vitalpbx/www/includes/app/Core.php(0): app\Core->_loadModule() #4 /usr/share/vitalpbx/www/index.php(0): app\Core->run() #5 {main} at file /usr/share/vitalpbx/www/modules/certificates/certificates.php on line 0

1	/usr/share/vitalpbx/www/index.php:0	app\Core->run(…args);
2	/usr/share/vitalpbx/www/includes/app/Core.php:0	app\Core->_loadModule(…args);
3	/usr/share/vitalpbx/www/includes/app/Core.php:0	app\Core->loadModuleAction(…args);
4	/usr/share/vitalpbx/www/includes/app/Core.php:0	modules\certificates\certificates->put(…args);

Have done a hard restart of the server.

And made sure the GEO firewall wasn’t blocking the US.

And also tried completely disabling the firewall and intrusion prevention system.

And have run the following command as well:
vitalpbx --reset-apache-conf

But still receive the errors when trying to create a Let’s Encrypt certificate.

Any ideas on how to fix the issue.

miguel · November 13, 2024, 12:07pm

Have you updated to the latest available VitalPBX version?

theashes · November 13, 2024, 10:27pm

Running 4.1.0-9 currently but noticed a new update to version 4.2.0-1 is available so will install that tonight but don’t see any reference in the release notes about fixing Let’s Encrypt issues

miguel · November 13, 2024, 11:23pm

The error is related to the above message. I would recommend deleting the domain folder inside /usr/share/vitalpbx/certificates and then trying to create the certificate again.

theashes · November 14, 2024, 10:39am

Ok installed the latest updates and tried again but still the same issue.

Deleted the folder as mentioned above and this then let me save the certificate now.

And showing it is valid until:
2025-02-12

But when viewing in Chrome is still showing as the below even after clearing cache:

Your connection is not private

Attackers might be trying to steal your information from xxxxxxxxxxxxxx (for example, passwords, messages or credit cards). Learn more about this warning

net::ERR_CERT_AUTHORITY_INVALID

miguel · November 14, 2024, 12:34pm

You must select the certificate in the HTTP Server module to be applied to Apache.

theashes · November 14, 2024, 9:34pm

Thanks for the reminder about this as totally forgot.

All working well now.

system · December 14, 2024, 9:35pm

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.