Mitel Forums - The Unofficial Source
Mitel Forums => Mitel Software Applications => Topic started by: Frontline on March 02, 2017, 05:34:04 PM
-
Hello All
I have a warning in my MiCollab server for "Web server certificate expires in less than 3 weeks ". What do i need to do to renew the web certificate or clear this alarm?
Thanks in advance for any information.
-
That depend upon if it's the self signed or third party cert
-
Also depends on your MiCollab version... 7.2 and newer have built in support for Let's Encrypt, although if that is the service you are using it should auto-renew, otherwise let us know what the certificate is self-signed or if you loaded your own like RapidSSL, GoDaddy, GeoTrust, Verisign, etc.
-
Looks like they are using Rapid SSL
How do I go about renewing the cert?
Thank you again for the help
-
Log into Rapid SSL, renew it, download new cert, and upload it into MSL.
Or delete your existing cert and setup Let's Encrypt, it's free and auto-renews.
-
Just a note. Let's encrypt is not supported for MiCollab mobile client connections as far as I know.
-
Just a note. Let's encrypt is not supported for MiCollab mobile client connections as far as I know.
We have been using it without issue for several customers with MiCollab 8.0
-
So you have SIP softphones on the new gen mobile client working with this, running TLS?
This is what made me think it may not work. Did I misunderstand this?
-
So you have SIP softphones on the new gen mobile client working with this, running TLS?
This is what made me think it may not work. Did I misunderstand this?
Yes, it works fine... Although the sites we have this working are virtual AND running in server-gateway mode, so maybe that's the unique thing.
I never even thought about it, just went through Let's Encrypt steps in the MiCollab server and it just worked. And yes, at one site we have 3 MCD's, 3 MBG's (two in the US, one in Ireland, and clustered), and one MiCollab server and probably 50 or so mobile softphone clients, using Let's Encrypt, works fine.
-
I'm inclined to try this now but my architecture is different since I use and MBG in gw mode with web proxy.
the fact that your MiCollab is directly connected to the internet with no reverse proxy required, may be the difference as you say.
anyone been doing this Mitel thing for 13 years and learn new things everyday.
-
I'm inclined to try this now but my architecture is different since I use and MBG in gw mode with web proxy.
the fact that your MiCollab is directly connected to the internet with no reverse proxy required, may be the difference as you say.
anyone been doing this Mitel thing for 13 years and learn new things everyday.
Could be... I am working on a install that will cut next month that is purely DMZ installed, so I will try it there before go live and see if it works.
BTW, I have been doing Mitel for 25+ years, since the days of the analog SX100/200 PBX's and I still learn things all everyday. Like this week we learned if don't change anything and a customer's PBX goes into license violation... DON'T TOUCH IT FOR A WHILE or you might regret it, because it might just be a simple AMC thing. :)
-
Logged this with Mitel before and can confirm the lets encrypt only works on a single server deployment, If you have web proxy and micollab you will need to purchase one. I did find free ones out there but they needed renewing every 3 months.
-
Logged this with Mitel before and can confirm the lets encrypt only works on a single server deployment, If you have web proxy and micollab you will need to purchase one. I did find free ones out there but they needed renewing every 3 months.
Web Proxy perhaps... we are not using that, but we have a customer that uses AWVC, MiCollab Mobile, etc. with no issues using Let's Encrypt. I can think of three customers off the top of my head that are using it in this way, but none are using web proxy.