Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Table of Contents

Let’s Encrypt is a certification center that automatically issues free cryptographic certificates. You can receive and import such a certificate to your WCS server as described below:1. Run the tool to get a certificate that is shipped with WCS

Receiving SSL certificate using certbot

Installing Certbot

Centos

1. Install epel-release repository

on Centos 7

Code Block
languagebash
themeRDark
yum install epel-release

on Centos 8

Code Block
languagebash
themeRDark
cd /usr/local/FlashphonerWebCallServer/tools
./certbot-auto certonly

This will install all necessary dependencies, and the certbot tool starts. In response to the query enter:

...

sudo dnf install https://dl.fedoraproject.org/pub/epel/epel-release-latest-8.noarch.rpm

2. Install certbot

on Centos 7

Code Block
languagebash
themeRDark
yum install certbot python2-certbot

on Centos 8

Code Block
languagebash
themeRDark
sudo dnf install certbot python3-certbot

Ubuntu

Install certbot by the following command

Code Block
languagebash
themeRDark
sudo apt-get install certbot

Other OS

Install certbot by official manual

Receiving SSL certificate

1. Open HTTP port 80 and HTTPS port 443 for incoming connections on server instance, for certbot check the server properly.

2. Run certbot

If there is a web server on the same server with WCS, run

Code Block
languagebash
themeRDark
sudo certbot certonly --apache

or

Code Block
languagebash
themeRDark
sudo certbot certonly --nginx

If WCS only is installed to the server, run

Code Block
languagebash
themeRDark
sudo certbot certonly --standalone

This will request all the necessary information and download SSL certificate files

If you received the certificate successfully, proceed to the next step. If any errors occurred, refer to the certbot-auto documentation.

23. Make sure the /etc/letsencrypt/live/yourdomain/ folder on your server has the following files:

...

Copy these files to your computer.3

Importing SSL certificate to WCS storage

1. Open the web interface of WCS. Select "Security" in the upper menu, then "Certificates":

42. On the import page upload the certificate file fullchain.pem and the key file privkey.pem:

...

If importing of the certificate failed with some errors, proceed to the keytool importing.

53. Remove the self-signed certificate from the keystore

Code Block
languagebash
themeRDark
keytool -delete -alias selfsigned -keystore /usr/local/FlashphonerWebCallServer/conf/wss.jks

64. Create a new keystore based on the certificate and the private key

...

Code Block
languagebash
themeRDark
Enter pass phrase for yourdomain.key: ******
Enter Export Password: password

75. Import the newly created keystore to the existing wss.jks

...