Install SSL cert on cloud server for all tenants?

Discussion in '3CX Phone System - General' started by advanced25, Jul 21, 2014.

Thread Status:
Not open for further replies.
  1. advanced25

    Joined:
    Aug 10, 2012
    Messages:
    19
    Likes Received:
    10
    Is it possible to install a single public SSL cert on Cloud server that will work for all tenants?
     
  2. bardissi

    bardissi Member

    Joined:
    Jan 31, 2012
    Messages:
    318
    Likes Received:
    0
    For the web page or for secure sip?
     
  3. bardissi

    bardissi Member

    Joined:
    Jan 31, 2012
    Messages:
    318
    Likes Received:
    0
    For the web page or for secure sip?
     
  4. advanced25

    Joined:
    Aug 10, 2012
    Messages:
    19
    Likes Received:
    10
    For both the website and SIP. I'm familiar with IIS I'm assuming that I can apply the cert to each tenant site like I would for any other IIS deployment.

    What I don't understand is that the secure SIP guide (http://www.3cx.com/blog/voip-howto/secure-sip/)
    says that the common name should be "3CXPHONE". What if I want to use an FQDN and a public cert? I don't want to have to manually install certs on ANY device. Also, do we have to do this for each tenant? I just want to use a single cert.

    Thanks for the help!
     
  5. bardissi

    bardissi Member

    Joined:
    Jan 31, 2012
    Messages:
    318
    Likes Received:
    0
    On V12 the web cert can be done per server via IIS

    On the Secure SIP Side:

    You would have to do this per tenant.

    Also, the certificate install on the device side is different per manufacturer.

    In many cases this is a manual process.
     
  6. advanced25

    Joined:
    Aug 10, 2012
    Messages:
    19
    Likes Received:
    10
    That's bad news that it's done per tenant for secure sip. :x

    But that aside, is it not possible to install a publicly signed cert so that we could avoid the installation of certs on endpoints? I'd rather pay for a cert that already has the trusted root authority on phones than manually install a private cert all over the place.
     
  7. bardissi

    bardissi Member

    Joined:
    Jan 31, 2012
    Messages:
    318
    Likes Received:
    0
    You could put a ticket in at the manufacturer level and ask.

    We have all of our phone pre-provisioned at distribution point so we have them do the manual ssl cert import if needed
     
Thread Status:
Not open for further replies.