...
- Get certificate from CA (or create self-signed certificate and proceed with step 2)
- Select one of Certificate Providers that will suits you requirements. For instance SSL.com, Namecheap, TheSSLStore, GoDaddy, GlobalSign, DigiCert, Thawte, GeoTrust, Entrust, Network Solutions, etc...
Create a CSR (Certificate Signing Request) either using a Linux shell (PBX shell preferred) or Certificate Provider tools.
Code Block language bash title Linux shell command to create CSR openssl req -new -newkey rsa:2048 -nodes -keyout server.key -out server.csr
CSR configuration require the details as follows below:
- Common Name (the domain name of PBX). It is highly recommended to use sub-domain wildcard for it ( *.<yourdomain>.<com> )
- Country (two-letter code)
- State (or province)
- Locality (or city)
- Organization
- Organizational Unit (Department)
E-mail address
- Common Name (the domain name of PBX). It is highly recommended to use sub-domain wildcard for it ( *.<yourdomain>.<com> )
Info title Keep resulting key and csr files with headers and including:
-----BEGIN CERTIFICATE REQUEST-----
...
-----END CERTIFICATE REQUEST-----
and
-----BEGIN PRIVATE KEY-----
....
-----END PRIVATE KEY-----
- Order a certificate from one of Certificate Providers and provide them CSR file
...