V3 Generate SSL certificate with Let's Encrypt
The goal of this article is to provide you the steps needed to generate a trusted SSL certificate using Let's Encrypt with Debian.
Backup private key and certificate
Before running the SSL certificate generation, backup the existing private key and the certificate:
mv /etc/ssl/private/motion.key /etc/ssl/private/motion.key.bak
mv /etc/ssl/certs/motion.crt /etc/ssl/certs/motion.crt.bak
Install package dependencies
Connect to your server through SSH console and install the following packages:
apt -y install certbotObtaining a Certificate
TCP port 80 must be open to your server in order to obtain the certificate
Before obtaining the certificate, stop nginx service and be sure that no service is running on TCP port 443:
systemctl stop nginx
Once you installed the certbot package, you can run the command in SSH console and follow the instructions:
At the end of the process, your certificate, private key, and LE chain will be installed to /etc/letsencrypt/live/<YOUR_DOMAIN> directory.
Install the certificate
Copy the generated private key and certificate to the default directory (used by Asterisk and Nginx):
Restart services
Restart Asterisk and Nginx services in order to apply changes:
Related contents
https://xcally.atlassian.net/wiki/spaces/KB/pages/676364290 (Knowledge Base)
https://xcally.atlassian.net/wiki/spaces/XM/pages/1940161571/V3+Agents#Motion-WebRTC-Settings
https://xcally.atlassian.net/servicedesk/customer/portal/1/topic/4f0725a1-706f-47ab-8969-e30ddb4c285c/article/1851654509 (Advanced Wiki - required credentials)