Master DNL Class4
  • Introduction
  • Configure a new Class 4 instance
    • Setup Admin Access
    • First Time Login
    • Setup SIP Switch
  • Your First Call with Class 4 Fusion
    • Create Vendor Rate Table
    • Create Termination Vendor
    • Create Egress Trunk
    • Create Dynamic Route
    • Create Routing Plan
    • Create Client Rate Table
    • Create Termination Client
    • Create Ingress Trunk
    • Simulate Your Call
  • Support Contact
  • eLearning
  • Bug Reporting Process
  • Hardware Sizing
  • Licensing
  • Installation
    • Install with Tarball
    • Install with RPM
      • Step by Step Guide
    • Install with AWS
    • Install with Google Cloud
    • Distributed Architecture
      • Switch Server
        • dnl_live_monitor
        • dnl_tool
        • dnl_livecall
        • dnl_softswitch
        • dnl_watchdog
        • dnl_cloud
      • Web UI
        • dnl_web_helper
    • Troubleshoot Your Installation
    • Setup SSL on Web UI
    • LAN IP Setup for Virtual Machine
    • Change IP/MAC Address
    • Validate Your Installation
      • Check dnl_softswitch log
    • Configuring DNL softswitch
    • Setup Selinux
  • Configuring Stir/Shaken
    • Generating Certificate with Peeringhub.io
  • Upgrade an Existing Installation
    • Update an Existing Installation
      • Update with Tarball
      • Update with RPM
  • Stir Shaken
    • Introduction
    • Configure Class 4
    • Configure Stir Shaken in DB
    • Configure Ingress Trunk
    • Configuring Egress Trunk
    • Basic Configuration Example
    • Validation of Stir/Shaken Setup
    • Setup External AS/VS connectivity
  • Basic Switch Configuration
    • Integrate Class 4 to Google SMTP
    • Customize your logo
    • Customize Domain Name
    • Customize email template
    • Customize invoice template
    • Configuring Payment Gateway
      • Stripe Configuration
      • Paypal Configuration
    • Configuring CDR and PCAP Backup
      • Google Cloud Setup
    • Configuring SIP Registration
    • Configuring LRN
  • Quick Setup for Termination Traffic
    • Create Termination Vendor
      • Specify IP to send to egress
    • Create Termination Route
      • Routing Plan
      • Static Route
      • Dynamic Route
    • Create Termination Client
    • Test with Call Simuation
    • Test Calls with SIP Client
    • Check CDR
  • Quick Setup for Origination Traffic
    • Introduction
    • Create DID Vendors
    • Create DID Billing Plan
    • Create DID Clients
    • DID Repository
    • Assign DID to Client
    • Test Calls with Call Simulation
    • Setup for your client to buy DIDs from portal
  • Data Access
    • Postgres Database
      • Obtain Report Data from DB
      • Obtain CDR from DB
    • Raw Switch Data
      • CDR Data
        • Release Cause Definition
      • PCAP Data
      • Auto Data Cleanup
  • System Administration
    • Modules
    • Start and Stop
    • Logging
    • Software Updates
    • Setup additional dnl_softswitch
    • Add Additional IP to Switch
    • Configure SIP Cause Code and Q850 Mapping
    • Enable Media Proxy
  • Class 4 API
    • Authorization
    • Class4 API
  • Troubleshooting
    • Calls are failure
    • Change Q850 in 4xx/5xx
    • One-way Audio with SIP Client Testing
      • Using Zoiper to resolve NAT issue
  • Automatic Call Blocking
    • Introduction
    • Youmail Blocking
    • DNC Blocking
    • LERG Blocking
Powered by GitBook
On this page
  • Next step
  • Auto Renew SSL Certificate

Was this helpful?

  1. Installation

Setup SSL on Web UI

To enable the ssl to web portal, you can use free certificate from letsencrypt. To use the free letsencrypt ssl certificate, you can user cerbot. Cerbot is a bot-like plugin which uses letsencrypt to get ssl certificate. "certbot-nginx" is a plugin for the certbot for automate renewal of SSL certificate using on nginx. A standard free letsencrypt expires every 90 days, so the purpose of "cerbot" is to automatically renew the letsencrypt every 90 days.

The package for cerbot is :

python2-certbot-nginx.noarch

Here is the command:

command is yum -y install python2-cerbot-nginx

The following config file is an example for the manual ssl setup for using letsencrypt. If you are using cerbot, only thing you need is to change/set server_name in /etc/nginx/conf.d/denovo.conf

    server_name  localhost;    <---- change this to your domain name.

After you edit /etc/nginx/conf.d/denovo.conf and replace domain name with chosen domain name , you should run the command:

certbot

You will be presented with wizard which will help you setup an letsencrypt account and create a fre ssl for you. this is free ssl certificate which is valid for 90 days so some 2 weeks before certificate expires, you will be able to renew it by using command:

certbot renew

If you are not using cerbot, but you manually generate, or buy SSL certificates you need to modify nginx config and set it up manually. This is the config you should refer to.

server {

    #listen       80;
    server_name  localhost;      <---- changing domain name to your domain name                      
    root         /opt/denovo_v6/web;
    index       index.html index.htm;
    client_max_body_size 320m;

    # Load configuration files for the default server block.
    include /etc/nginx/default.d/*.conf;

    location / {
    try_files $uri $uri/ @rewrites;
    }

    location @rewrites {
    rewrite ^(.+)$ /index.html last;
    }


    error_page 404 /404.html;
        location = /40x.html {
    }

    error_page 500 502 503 504 /50x.html;
        location = /50x.html {
    }

    listen  443 ssl;      <------- Add SSL listen directive
    ssl_certificate /path/to/ssl/certificate.crt ;   <------- Add path to your cert file
    ssl_certificate_key /path/to/ssl/certificate_key;  <------ Add path to your cert key file
}

Next step

After switching to domain name and choosing https, you would also need to edit api.ini and change schema and hostname there.

The default path for api.ini is /opt/denovov6/api_dnl/api.ini

The variables to update are:

  • api_schema

  • api_host

Then, you can restart api using the following command:

systemctl restart dnl_api_dnl

Auto Renew SSL Certificate

The lescrypt SSL certificate expires every 90 days. You may want to set it to auto renew by using crontab. The crontab command is as follows:

0 0,12 * * * root python3 -c 'import random; import time; time.sleep(random.random() * 3600)' && certbot renew

PreviousTroubleshoot Your InstallationNextLAN IP Setup for Virtual Machine

Last updated 2 years ago

Was this helpful?

/