Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

  1. Select one of Certificate Providers that suit your requirements. For instance, SSL.com, Namecheap, TheSSLStore, GoDaddy, GlobalSign, DigiCert, Thawte, GeoTrust, Entrust, Network Solutions, etc.
  2. Create a CSR (Certificate Signing Request) either using a Linux shell (PBX shell preferred) or Certificate Provider tools:

    Code Block
    languagebash
    titleLinux shell command to create CSR
    openssl req -new -newkey rsa:2048 -nodes -keyout server.key -out server.csr

    CSR configuration requires the details as follows below:

    • Common Name (the domain name of PBX). It is highly recommended to use sub-domain wildcard ( *.<yourdomain>.<com> )
    • Country (two-letter code)
    • State (or province)
    • Locality (or city)
    • Organization
    • Organizational Unit (Department)
    • E-mail address

  3. Keep resulting key and csr files. Its content should include encrypted data and headers :

    -----BEGIN CERTIFICATE REQUEST-----

    ...some data...

    -----END CERTIFICATE REQUEST-----

    and

    -----BEGIN PRIVATE KEY-----

    ....some data...

    -----END PRIVATE KEY-----

  4. Order a certificate from one of Certificate Providers and provide them the CSR file
  5. Validate domain ownership with CA using one of three validation types: Domain Validated (DV), Organization Validated (OV), Extended Validation (EV) 

    Warning

    Please note that some sub-types require internet connection.


Generate self-signed certificate 
Anchor
selfsigned
selfsigned

Generate certificate on LINUX system using the command:

Code Block
openssl genrsa -des3 -out server.key 2048
openssl rsa -in server.key -out server.key
openssl req -sha256 -new -key server.key -out server.csr -subj “/C=IT/ST=TN/L=My City/O=My Company/CN=examplecompany.com”
openssl x509 -req -sha256 -days 3650 -in server.csr -signkey server.key -out server.crt

...

Note

Use your country instead of IT (Italy) and your region instead of TN (Trento) in the string “/C=IT/ST=TN/L=My City/O=My Company/CN=examplecompany.com”


Output:

server.crt server.csr server.key

Step 2. Configure internal DNS

...

PDF avoid Pagebreak

           

Content by Label
showLabelsfalse
max5
spacesDOC
showSpacefalse
sortmodified
reversetrue
typepage
cqllabel = "kb-how-to-article" and type = "page" and space = "DOC"
labelskb-how-to-article

Page properties
hiddentrue
Related issues
HTML
<div class="fb-like" data-href="https://confluence.wildix.com/x/O4O5Aw" data-layout="button_count" data-action="recommend" data-size="large" data-show-faces="true" data-share="true"></div>

...