Dismiss Notice
We would like to remind you that we’re updating our login process for all 3CX forums whereby you will be able to login with the same credentials you use for the Partner or Customer Portal. Click here to read more.

http to https redirect on customer owned FQDN & SMTP server question

Discussion in '3CX Phone System - General' started by D Smoke, Jan 30, 2018.

Thread Status:
Not open for further replies.
  1. D Smoke

    Joined:
    Jan 14, 2018
    Messages:
    1
    Likes Received:
    0
    hey Guys,

    Currently testing the Enterprise version of 3CX on our own Google Cloud. SSL and phone provisioning are working correctly using my own sub domain. I'm using the same firewall rules that PBX Express sets up. SSL was configured during install with GoDaddy Cert. http was set up on port 80 and ssl 443 since this an isolated VM running on Debian Linux.

    On the VM Instances page under Firewalls allow http and https are both unchecked. A record created on the domain to pointed to the external IP on Google's platform. All phones connected will obviously not be on premises since it's a cloud install.

    Issue #1 if user does not type in https://3cx.mydomain.com it does not work, it just times out. If I enable http in the vm instance it will work if someone types 3cx.mydomain.com however it gives a forbidden NGINX error since it's not redirecting to https. What is the best practice to configure 3cx to route incoming http requests to the sub domain to the https side without enabling http traffic?

    Issue #2 I'm using Spark Post as my smtp server which I use for other things, SPF, DKIM, all in place e-mail lightning fast from our domain. However Spark Post by default treats anything sent via the SMTP relay as a transactional email meaning there is a mailing list ID attached to it which I don't want. This can be removed by using an X-MSYS-API Custom Header for all e-mails sent by the smtp relay. I don't see a way to plugin the https://developers.sparkpost.com/api/smtp-api.html Is there a way to make a global change Other than the transactional flag, e-mails work great with TLS and pass DKIM & SPF from my domain. Any insight would be great. Thanks
     
  2. NickD_3CX

    NickD_3CX Support Team
    Staff Member 3CX Support

    Joined:
    Jun 2, 2014
    Messages:
    1,379
    Likes Received:
    84
    Without enabling http in your VM instance, this is not possible, as the request would never actually reach nginx.
    Technically this is possible by modifying the nginx.conf file, but I strongly advise against it as this will potentially cause problems with the presence of the 3CX Clients.
    My advice, just tell the users not to use HTTP.


    This can't be added.
     
Thread Status:
Not open for further replies.