vicidial.org

[vapiano]

ViciBox v.10.0.2
VERSION: 2.14-679c
BUILD: 230220-1802
Asterisk 13.38.3-vici
Cloud VPS, CPU 6 cores, 16GB RAM, Disk 200 GB NVMe

Hi,

I got an email from Let's Encrypt's that my ssl certification will expire in 7 days.

So I wanted to renew my ssl certificate by running

Code: Select all

/usr/share/vicibox-ssl/vicibox-ssl

But I got the following error:

Code: Select all

Do you want to generate an SSL certificate now? (N/y) : y
/usr/share/vicibox-ssl/vicibox-ssl: line 109: acme.sh: command not found

  acme.sh was unable to verify your FQDN reaches this server and was unable
  to generate a valid SSL certificate. Please check your firewall settings,
  DNS entries, and Apache for any possible issues. You can re-run this script
  to test if the issue is resolved.


What is to do now? Would be thankful for any help.

[martinch]

Oh hey,

I think there's a problem with the SSL script. If we observe this line;

Code: Select all

ACME_DIR="/root/.acme.sh/"

That does not exist at least on my ViCiBox version (Version 11).

If you change that line to;

Code: Select all

ACME_DIR="/usr/share/acme.sh/"

It should run. This particular query should go into the ViCiBox subforum http://vicidial.org/VICIDIALforum/viewforum.php?f=8 just so the guys can get more visibility and offer more help

Hope this helps.

[vapiano]

If you change that line to;

Code: Select all

ACME_DIR="/usr/share/acme.sh/"

It should run.

Thanks for your reply but this did not solve the issue.

First, in my root folder there is file named ".acme.sh" so

Code: Select all

ACME_DIR="/root/.acme.sh/"

should work.
Second, I think you meant

Code: Select all

ACME_DIR="/usr/share/vicibox-ssl/acme.sh"

because this is the path where acme.sh is located. But as mentioned this didnt solve my issue

[martinch]

Ah I see. Then yeah disregard what I wrote as there appears to be a difference between ViCiBox 10 and 11 in that regard.

I don't have the ISO to hand right now but I can boot up ViCiBox 10 a little later on and see if I can help. Maybe Kumba or mflorell can chip in here though or someone else in the community. Cheers.

[vapiano]

I got it now resolved. Not sure what the exact solution was.

I did two things:

Firstly, I changed the vicibox-ssl script

Code: Select all

ACME_BIN="acme.sh"

to

Code: Select all

ACME_BIN="/root/.acme.sh/acme.sh

Secondly, I executed acme.sh manually.


Is there a way to check in the terminal until when the certificate is valid? I know that I can check the date in the browser but would also know a way to check it in the terminal

[martinch]

Cool! You got it sorted.

Running this command on your certificate should do the job;

Code: Select all

openssl x509 -enddate -noout -in /path/to/your/certificate.pem


Hope this helps!
Martin.

[vapiano]

Cool! You got it sorted.

Running this command on your certificate should do the job;

Code: Select all

openssl x509 -enddate -noout -in /path/to/your/certificate.pem


Hope this helps!
Martin.

Great, worked

Thank you!!