How to Renew your SSL Certificate in 3CX V15
pixel500w-500x1
Zero Admin
With the new Dashboard
pixel500w-500x1
Bulletproof Security
With SSL certs and NGINX
pixel500w-500x1
Install on $100 Appliance
Intel MiniPC architecture
pixel500w-500x1
New, Intuitive Windows Client
More themes, more UC
pixel500w-500x1
More CRM Integrations
Scripting Interface to add your own
pixel500w-500x1
Improved Integrated Web Conferencing
iOS and Android apps included
pixel500w-500x1
Personal Click2Meet URLs

V15: Renewing the SSL Certificate

V15: Renewing the SSL Certificate

With the new 3CX web server, NGINX, the replacement of a self-owned generated certificate is simpler than ever. Note, this procedure does not cover the switch from a 3CX managed domain and certificate to a self-owned domain! This will require a reinstall including a release of the license key bound FQDN! More here: http://www.3cx.com/docs/fqdn-management-allocation/

Requirements

  1. PBX installed with own domain FQDN (e.g. pbx.mybusiness.com)
  2. Presented cert at installation time to correctly convert the FQDN pbx.mybusiness.com
  3. New cert still covers the FQDN pbx.mybusiness.com

When to Use

This guide covers how you can activate your renewed SSL certificate in 3CX V15. It does not matter if the cert is issued by the same SSL vendor or from another. The only requirement is that it still covers your already existing external FQDN which was used during the installation of 3CX. Certificates have an expiry date and must be renewed once in awhile.

  1. Log into the machine that 3CX is installed on.
  2. Locate this folder C:\Program Files\3CX Phone System\Bin\nginx\conf\instance1
  3. There should be 3 files. If you see 5 files, abort, your are using a 3CX managed domain and SSL certificate
  4. Two of those files contain your company FQDN in the file name and are substituted with
  1. -crt.pem
  2. -key.pem
  1. While keeping the file name exactly the same replace the -crt.pem file with the new certificate file and the -key.pem file with the new key file (which may still be the same, depending on how you renewed your cert)
  2. For the certificate to become active restart the NGINX service.

Result

The certificate was from GoDaddy (note the text highlighted in the green box):

The renewal switched to StartSSL (note the text highlighted in the green box):


Ask a Question

Please only post questions in regards to the document you are currently reading.
Technical support or pre sales questions must be posted via the support or sales channels and such comments will be deleted. Thank you for understanding
<