Preparing TLS Certificates for TLS/HTTPS/WebRTC
This guide is for solving the following SSL certificate issues with PortSIP PBX and PortSIP SBC.
- After you complete the PBX and SBC setting up, if you get the self-signed certificates warning in the browser when you access PBX Web Portal by HTTPS or access the WebRTC client, please follow up on the below steps to solve it
- The SSL certificates are expired
Please take the steps listed below.
- 1.Purchase a Domain (for example,
portsip.cc
) from the domain provider (for example, Godaddy.) for your PBX and SBC. - 2.Add an A record in the Domain DNS zone, and resolve the Domain to your PBX IP, for example: point the
uc.portsip.cc
to PBX server IP. - 3.If your SBC is deployed separately from the PBX server, add an A record DNS record and resolve to the SBC server IP, for example, point
sbc.portsip.cc
point to SBC server IP. - 5.Generate the CSR file and private key file according to the certificate provider’s guide, and keep the files. Please don't set the password when generating the private key file; usually, you will have two files: the certificate and the private key. Note, please choose the certificates for Nginx.
- 6.Rename the private key file as
portsip.key
. - 7.Submit the CRS file to the certificate provider, and download the certificate files after your certificates were approved. This step will end up with two files:
Intermediate CA certificate
andSSL certificate
. Note, some providers don't have theIntermediate CA certificate
. - 8.Please ignore this step if your provider doesn't provide the
Intermediate CA certificate
. Use a plain text editor for example Windows Notepad (do not use MS Word) to open theIntermediate CA
file andSSL certificate
file, copy theIntermediate CA
contents to append to theSSL certificate file
, and rename the SSL certificate file asportsip.pem
. In the Linux environment, you can use the below commands to combine the certificate files.
// Append intermediate file to certificate file
cat intermediate.pem >> cert.pem
// Rename certifiate file to portsip.pem
mv cert.pem portsip.pem
- 9.Now you will have two certificate files, the certificate file
portsip.pem
, and private key fileportsip.key
.
Last modified 1mo ago