Html |
---|
<div id="fb-root"></div> <script>(function(d, s, id) { var js, fjs = d.getElementsByTagName(s)[0]; if (d.getElementById(id)) return; js = d.createElement(s); js.id = id; js.src = 'https://connect.facebook.net/en_US/sdk.js#xfbml=1&version=v2.11'; fjs.parentNode.insertBefore(js, fjs); }(document, 'script', 'facebook-jssdk'));</script> |
...
Info |
---|
In case you've decided to use specific SSL certificate or PBX has no access to Wildix certificate-updater service. Created: February 2020 Updated: August 2020 Permalink: https://confluence.wildix.com/x/O4O5Aw |
Warning |
---|
Important: in WMS 5.0X Custom certificates are accepted only with signature algorithm not lower than SHA256. |
...
- Select one of Certificate Providers that suit your requirements. For instance, SSL.com, Namecheap, TheSSLStore, GoDaddy, GlobalSign, DigiCert, Thawte, GeoTrust, Entrust, Network Solutions, etc.
Create a CSR (Certificate Signing Request) either using a Linux shell (PBX shell preferred) or Certificate Provider tools:
Code Block language bash title Linux shell command to create CSR openssl req -new -newkey rsa:2048 -nodes -keyout server.key -out server.csr
CSR configuration requires the details as follows below:
- Common Name (the domain name of PBX). It is highly recommended to use sub-domain wildcard ( *.<yourdomain>.<com> )
- Country (two-letter code)
- State (or province)
- Locality (or city)
- Organization
- Organizational Unit (Department)
E-mail address
- Common Name (the domain name of PBX). It is highly recommended to use sub-domain wildcard ( *.<yourdomain>.<com> )
Keep resulting key and csr files. Its content should include encrypted data and headers :
-----BEGIN CERTIFICATE REQUEST-----
...some data...
-----END CERTIFICATE REQUEST-----
and
-----BEGIN PRIVATE KEY-----
....some data...
-----END PRIVATE KEY-----
- Order a certificate from one of Certificate Providers and provide them the CSR file
Validate domain ownership with CA using one of three validation types: Domain Validated (DV), Organization Validated (OV), Extended Validation (EV)
Warning Please note that some sub-types require internet connection.
Generate self-signed certificate
Anchor | ||||
---|---|---|---|---|
|
Generate certificate on LINUX system using the command:
Code Block |
---|
openssl genrsa -des3 -out server.key 2048 openssl rsa -in server.key -out server.key openssl req -sha256 -new -key server.key -out server.csr -subj “/C=IT/ST=TN/L=My City/O=My Company/CN=examplecompany.com” openssl x509 -req -sha256 -days 3650 -in server.csr -signkey server.key -out server.crt |
...
Note |
---|
Use your country instead of IT (Italy) and your region instead of TN (Trento) in the string “/C=IT/ST=TN/L=My City/O=My Company/CN=examplecompany.com” |
Output:
server.crt server.csr server.key
Step 2. Configure internal DNS
...
- Login PBX web interface with administrative account
- Go to WMS Settings -> PBX -> SIP-RTP
- Upload certificate files: Certificate *.crt and Private Key *.key
- Click Save
Related articles
Filter by label (Content by label) | ||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
...
hidden | true |
---|
...
Html |
---|
<div class="fb-like" data-href="https://confluence.wildix.com/x/O4O5Aw" data-layout="button_count" data-action="recommend" data-size="large" data-show-faces="true" data-share="true"></div> |
...