Starting from version 5.1 Sippy Softswitch will be able to generate it's own SSL certificate. Customers will still be able to upload their own SSL Certificates. The Newly Generated SSL certificates process will be described in this article.
What is SSL certificate
SSL Certificate is a small data file that digitally binds a cryptographic key to an organization’s details. When installed on a web server, it activates the padlock and the https protocol and allows secure connections from a web server to a browser. Typically, SSL is used to secure credit card transactions, data transfer and logins.
- The service is provided by https://letsencrypt.org/ certificate authority (CA).
- Proper DNS A-record pointed to IP address of environment.
- Open access to 80 TCP port. This is required by CA to issue and renew the certificates.
How to generate a new certificate
- Add DNS A-record for one of the IP addresses, assigned to the environment and check if it is available from Internet.
- Set Web Address parameter to the DNS A-record in Environment's Preferences/System Parameters page
- Check on Generate SSL Cert. checkbox below Web Address field
- Or the same (as in item 3) may be done via the System Parameters -> Generate SSL Cert. checkbox.
- Wait for 5 minutes to allow the system to generate and install new SSL certificate. Web server will restart.
- Check the Certificate in your browser.
How to renew an existing certificate
- All work related to certificates renewal is done by system itself. No special handling is required from switch operator.