Blog

Let's Encrypt allows you to obtain X.509 certificates for TLS automatically and at not charge. There are different ways to obtain a valid certificate depending on the system that you are setting up. We will be going over Let's Encrypt and FreePBX.

This article will work with a system running FreePBX 13 or newer. Other requirements are that you have a valid A record that resolves the FreePBX IP. For example if your PBX is at IP: 104.24.99.145 you would want an pbx.harrison-technology.net dns record to point to 104.24.99.145.

Enabling Port 80 to respond to Let's Encrypt>

There are a couple ways that Let's Encrypt allows verification. From saving a challenge in a .well-known folder or saving a challenge in a DNS record. FreeBPX saves the challenge code in the .well-known folder.

We need to setup the web server to allow responses to Let's Encrypt on port 80. Navigate to Admin > System Admin > Port Management. Change the Letsencrypt port