Lets encrypt with the Vodia PBX

Hamlet Collado
Marketing & Sales at Vodia Networks
vodia_let_encrypt

Vodia MT edition can now create 509X certificates using the ACME protocol through HTTP and DNS challenges. This is helpful for administrators wanting to create an FQDN on the PBX. The Vodia MT edition can also use dnsmadeeasy API requests. In this blog, we will be discussing how to manual create an A record for your domain and creating the domain on the Vodia Multi-tenant PBX.

Prerequisite 

  • Port 80 
  • PBX must be on a Public IP
  • DNS Made Easy Optional 
  • DNS Provider Ex (Godaddy)

Creating the Domain 

Log into your VodiaCloud PBX and navigate to the list section. Press Create to create your domain name. We are calling our domain voice.pbxnvoip.com

Domain_Creation

 

Secure https

  • In administrator, mode navigate to network --> ports
  • Activate (Redirect to https)

Creating an A record

I am using Godaddy for this for example and thought it would be easy to follow. 

  • Log into your account
  • Choose your DNS name and navigate to (DNS) which should bring you to DNS management

DnS

 

  • Click on Add and Choose (Type A record)
  • The host is the name of the new domain you created
  • (Points to) is the IP of the Vodia Cloud PBX
  • TTL can be set 1hr or 1/2hr
  • Save
  • Navigate to your domain name ex. (voice.pbxnvoip.com)

DNS_Vodia

 

 

Note (The main limit is Certificates per Registered Domain (50 per week). A registered domain is, generally speaking, the part of the domain you purchased from your domain name registrar. For instance, in the name www.example.com, the registered domain is example.com. In new.blog.example.co.uk, the registered domain is example.co.uk. We use the Public Suffix List to calculate the registered domain.)

 

Example

encrypt

 

encrypt_1

 

 

Note:

ACME Directory URL & DNS provider: 

  • The PBX now supports generating X.509 certificates using the ACME protocol through HTTP and DNS challenges. When using the HTTP challenge, the system must be on a public IP address and it must use port 80. When using the DNS challenge, the DNS must have access to the DNS provider (currently DNSMadeEasy is supported).

 

  • When adding a domain, the PBX will attempt to create the DNS entry for the new domain and issue a certificate for the domain. A few days before the certificate expires, the PBX will then attempt to reissue the certificate. When a domain gets deleted, the PBX will attempt to delete the DNS entry.

 

  • It is now also possible to define a DNS name for the system. The PBX will also attempt to generate a certificate for this DNS address so that the management access to the system can be done through a properly encrypted HTTPS connection.

.