Solved: Let's Encrypt with MRA registered devices

Roger Kallberg · ‎12-20-2019

Hi,

Is it possible to use ACME services for Let's Encrypt certificates in Expressway with remote registered devices, for example 88xx?

We run X12.5.6 and CM 12.5.1.12016-3 with latest available device pack installed 12.5.1.12013-1.

When I try this I get an error about that the domain can't be verified.

Any help on this is highly appreciated.

Jaime Valencia · ‎12-20-2019

See this bug

78xx/88xx CA Trust List: Inclusion of Letsencrypt X1 root CA cert
CSCvk66432

and also read this

https://letsencrypt.org/certificates/

HTH

java

if this helps, please rate

View solution in original post

cgmiller913 · ‎12-20-2019

Hi,

You have to add A records on the public domain you are using for the CN and SANs you are using in the cert.

-Chris

Roger Kallberg · ‎12-20-2019

I think that applies to the actual setup of the ACME service in the E MRA. That part is completed and we can connect Jabber clients via the MRA with no problem. However on a desk phone we get an error message about certificate of domain can’t be verified.

Jaime Valencia · ‎12-20-2019

See this bug

78xx/88xx CA Trust List: Inclusion of Letsencrypt X1 root CA cert
CSCvk66432

and also read this

https://letsencrypt.org/certificates/

HTH

java

if this helps, please rate

Roger Kallberg · ‎12-20-2019

Thanks Java!

krizvite · ‎01-11-2021

Hi Jaime,

is there any update to this Bug if Lets Encrypt will stop supporting DST Root X3 in September 2021?

Thank you!

Vit

Roger Kallberg · ‎01-11-2021

Maybe best if you post your own question as your question is not really related to the OP and this post has been marked as answered.