Dismiss Notice
We would like to remind you that we’re updating our login process for all 3CX forums whereby you will be able to login with the same credentials you use for the Partner or Customer Portal. Click here to read more.

Install SSL cert on cloud server for all tenants?

Discussion in '3CX Phone System - General' started by advanced25, Jul 21, 2014.

Thread Status:
Not open for further replies.
  1. advanced25

    Joined:
    Aug 10, 2012
    Messages:
    19
    Likes Received:
    10
    Is it possible to install a single public SSL cert on Cloud server that will work for all tenants?
     
  2. bardissi

    bardissi Member

    Joined:
    Jan 31, 2012
    Messages:
    318
    Likes Received:
    0
    For the web page or for secure sip?
     
  3. bardissi

    bardissi Member

    Joined:
    Jan 31, 2012
    Messages:
    318
    Likes Received:
    0
    For the web page or for secure sip?
     
  4. advanced25

    Joined:
    Aug 10, 2012
    Messages:
    19
    Likes Received:
    10
    For both the website and SIP. I'm familiar with IIS I'm assuming that I can apply the cert to each tenant site like I would for any other IIS deployment.

    What I don't understand is that the secure SIP guide (http://www.3cx.com/blog/voip-howto/secure-sip/)
    says that the common name should be "3CXPHONE". What if I want to use an FQDN and a public cert? I don't want to have to manually install certs on ANY device. Also, do we have to do this for each tenant? I just want to use a single cert.

    Thanks for the help!
     
  5. bardissi

    bardissi Member

    Joined:
    Jan 31, 2012
    Messages:
    318
    Likes Received:
    0
    On V12 the web cert can be done per server via IIS

    On the Secure SIP Side:

    You would have to do this per tenant.

    Also, the certificate install on the device side is different per manufacturer.

    In many cases this is a manual process.
     
  6. advanced25

    Joined:
    Aug 10, 2012
    Messages:
    19
    Likes Received:
    10
    That's bad news that it's done per tenant for secure sip. :x

    But that aside, is it not possible to install a publicly signed cert so that we could avoid the installation of certs on endpoints? I'd rather pay for a cert that already has the trusted root authority on phones than manually install a private cert all over the place.
     
  7. bardissi

    bardissi Member

    Joined:
    Jan 31, 2012
    Messages:
    318
    Likes Received:
    0
    You could put a ticket in at the manufacturer level and ask.

    We have all of our phone pre-provisioned at distribution point so we have them do the manual ssl cert import if needed
     
Thread Status:
Not open for further replies.