SSL for Internal FQDN

Discussion in 'Ideas' started by Frank86, Mar 16, 2018.

SSL for Internal FQDN 5 5 1votes
5/5, 1 vote

  1. Frank86

    Joined:
    Jan 18, 2018
    Messages:
    33
    Likes Received:
    2
    When web client connects to company's internal FQDN, all users see a "page not secure" warning. It'd be nice to be able to set up some sort of SSL to avoid the warning.
     
  2. craigreilly

    craigreilly Well-Known Member

    Joined:
    Feb 1, 2012
    Messages:
    2,997
    Likes Received:
    190
    We use the external FQDN internally :) Problem solved.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  3. Frank86

    Joined:
    Jan 18, 2018
    Messages:
    33
    Likes Received:
    2
    What do you mean by that? Are you having internal users point their web client to the external FQDN instead of the internal one?
     
  4. craigreilly

    craigreilly Well-Known Member

    Joined:
    Feb 1, 2012
    Messages:
    2,997
    Likes Received:
    190
    I haven't changed the welcome email or anything - but on the Terminal Server, I put an icon shortcut to the https://externalFQDN site.

    If you are hosting the domain yourself, then you may need to do some DNS magic internally. But we are using a 3cx.us domain with their SSL.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
    #4 craigreilly, Mar 16, 2018
    Last edited: Mar 16, 2018
  5. Frank86

    Joined:
    Jan 18, 2018
    Messages:
    33
    Likes Received:
    2
    I'm using a 3CX.US domain with their SSL as well. It's all good when users point their 3CX web client to the external FQDN.

    But whey they are inside the office and point the web client to https://internalFQDN (in order to avoid going out to the external FQDN and back in through our firewall), that's when they get the "page is not private" warning.
     
  6. craigreilly

    craigreilly Well-Known Member

    Joined:
    Feb 1, 2012
    Messages:
    2,997
    Likes Received:
    190
    I just use the External FQDN. (Sorry - I saw my mistake in the other post)
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  7. Frank86

    Joined:
    Jan 18, 2018
    Messages:
    33
    Likes Received:
    2
    Gotcha. We might have to do the same.
    Thank you
     
    craigreilly likes this.
  8. craigreilly

    craigreilly Well-Known Member

    Joined:
    Feb 1, 2012
    Messages:
    2,997
    Likes Received:
    190
    Template change:
    line 50: <li>Go to %%WEBCLIENTURLPUBLIC%%</li>
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  9. Frank86

    Joined:
    Jan 18, 2018
    Messages:
    33
    Likes Received:
    2
    Thank you
     
  10. Saqqara

    Saqqara Active Member

    Joined:
    Mar 12, 2014
    Messages:
    939
    Likes Received:
    149
    configure spilt dns - https://www.3cx.com/docs/creating-fqdn-split-dns/

    Configure your internal dnsserver to map your external fqdn to the internal IP address of the server

    Then you use your 3CX.US domain external and internal without any ssl certificate warnings
     
    #10 Saqqara, Mar 18, 2018
    Last edited: Mar 18, 2018
    simply7 likes this.
  11. craigreilly

    craigreilly Well-Known Member

    Joined:
    Feb 1, 2012
    Messages:
    2,997
    Likes Received:
    190
    Yep - I just couldn't find the link the other day. Sometimes trying to help is hurting when not enough info is provided... lol.
    Thanks Saqqara for following up with this link.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...