[Spce-user] SSL Certificate

Syaiful Bahri Kamaruddin chefsyaiful at outlook.com
Thu Mar 22 22:42:07 EDT 2018 

Hi Sir,
I just using sslforfree.com > generate all the cert for all domain and transfer the cert file to the ngn cert sll location.

Although must renew manually every 90 day.

Syaiful

From: Spce-user <spce-user-bounces at lists.sipwise.com> On Behalf Of Syaiful Bahri Kamaruddin
Sent: Tuesday, March 13, 2018 11:53 PM
To: Henk <henk at voipdigit.nl>; spce-user at lists.sipwise.com
Subject: Re: [Spce-user] SSL Certificate

Hi Sir,
Great help, will test out and coming back tou you for the finding. as i had tested multi domain and i work on spce.
Only the ssl still figured it out how.


Best Regards

Syaiful
Newbie


On March 13, 2018 11:42:40 PM Henk <henk at voipdigit.nl<mailto:henk at voipdigit.nl>> wrote:

Hi Syaiful,
It is possible to use multiple domains for Kamailio TLS as explained here: https://lists.kamailio.org/pipermail/sr-users/2015-February/087030.html but I have no experience with that. I am using one certificate with multiple domains explained here: https://community.letsencrypt.org/t/host-multiple-domains-with-a-single-certificate/20917/2

If you are using NGINX to verify the certificate, you will need a custom ngcp-panel_csc.customtt.tt2 (/etc/ngcp-config/templates/etc/nginx/sites-available) and include the acme-challenge location for both web-servers on port 80 and the admin port:

    location /.well-known/acme-challenge {
        root  /usr/share/ngcp-panel;
    }

If you can generate the certificates, you only have to add them in the config.yml template and generate the new config.
Last thing is to change the certbot renewal cron and add a NGINX reload to activate the new certificate.

Mine looks like this, running every week:
0 */12 * * 1 root test -x /usr/bin/certbot -a \! -d /run/systemd/system && perl -e 'sleep int(rand(1800))' && certbot -q renew
50 */12 * * 1 root service nginx reload > /dev/null 2>&1

I hope this helps,

Henk Plessius

On 13-3-2018 15:40, Syaiful Bahri Kamaruddin wrote:

Hi All,

To add,



as spce support multi domain, ie:



current server is demo.institute.org



customer 1 = demo.school2.org (their own domain)

customer 2 = demo.school3.org (their own domain)

# both created subdomain and pointing to tje current server.



how to issue ssl and where should i place it on current domain for all

customer.



You guys help is highly appreciated.



Best Regards



Syaiful

Newbie



On March 13, 2018 9:45:05 PM Syaiful Bahri Kamaruddin

<chefsyaiful at outlook.com><mailto:chefsyaiful at outlook.com> wrote:



Hi All,



Need your guys help,

How should i do for Lets Encrypt SSL to be used on SPCE Mr5.5.2 . Could you

guys help me.



Best Regards



Syaiful

Newbie for school project





_______________________________________________

Spce-user mailing list

Spce-user at lists.sipwise.com<mailto:Spce-user at lists.sipwise.com>

https://lists.sipwise.com/listinfo/spce-user





_______________________________________________

Spce-user mailing list

Spce-user at lists.sipwise.com<mailto:Spce-user at lists.sipwise.com>

https://lists.sipwise.com/listinfo/spce-user

_______________________________________________
Spce-user mailing list
Spce-user at lists.sipwise.com<mailto:Spce-user%40lists.sipwise.com>
https://lists.sipwise.com/listinfo/spce-user

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.sipwise.com/pipermail/spce-user_lists.sipwise.com/attachments/20180323/b7c01e45/attachment-0001.html>

More information about the Spce-user mailing list