Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

  • Congratulations Mike Lewis on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

TLS On OneX 9.0.3

Status
Not open for further replies.

Hunnicut

IS-IT--Management
Feb 7, 2014
110
US
Having problems finding out of OneX 9.0.3. Supports TLS Certs, and if so how to set them up. I have OneX running on a Windows Server Box. The WebAdmin part of all this is new to me so I am in over my head with this stuff. Any help is appreciated.
 
Probably not what you want to hear but I would recommend changing the One-x to a Linux App Server installation.

Then once you have a certificate it can be added to the app server by

Adding the SSL Certificate to the Server Edition/App Server
(This is based on a wildcard cert we use of *.voice.company.cloud

Extract the Zip file to a location on your PC. There will be 5 files.
Log in to the Server Edition with IP Office Manager and switch to Security Settings
Navigate to System>Certificates.
Under Trusted Certificate Store, Click "Add" and browse to the location where you unzipped the files earlier. Select the Intermediate.cer file
Under Identity Certificate, ensure that Offer ID Certificate Chain checkbox is ticked and then click "Set".
Check "Import certificate from file" and click "OK" and browse to the location where you unzipped the files earlier.
Next to the Filename, click the dropdown and select "Personal Information Exchange (*.pfx) and select the voice.company.cloud.pfx file and click "Open"
Enter the password of *********
Click "OK" in the Security Settings and then Save. This will restart all the IP Office services.
After waiting a couple of minutes browse to and ensure that your browser shows the green padlock.

For Windows I have never had to do it but my docs say it is done as follows

Adding the SSL Certificate to the Windows Server - Following Oak Remote Installation

Open the IIS Manager from the Server Manager.
Select the local server in the configuration tree and then double click on the Server Certificates Icon
In the Actions menu on the right hand side, select Import
Browse for the *.voice.company.cloud PFX certificate used for the IP Office and enter the password. Select Web Hosting from the dropdown menu. Click OK
In the configuration tree, expand the Sites and click on OCP. In the Actions menu on the right hand side select Bindings
Click Add and enter HTTPS in the Type dropdown, leave the port to 443 for now, type clientname.voice.company.cloud in the Host Name field, select the imported SSL certificate in the dowpdown field. and click OK.
Remove the existing HTTP binding and then edit the newly created HTTPS binding to port 8050. Click Close



| ACSS SME |
 
Thank you for the information! I am sure it will be EXTREMELY helpful.
 
Excuse me for what might seem to be a stupid question, I don't know anything about certs.But this looks like you have instructions for SSL Certification? Does this work for TLS as well?
 
Sorry, just realised the mistake.

Never managed to get TLS certs working on the IPO, even following the instructions and getting Avaya/Scansource to have a look they just wouldn't work.

| ACSS SME |
 
Not what I wanted to see, but thank you!
 
This is for the Voicemail Pro Box, OneX. I am guessing that doesn't change anything. It still doesn't work because of the interface with the IPO?
 
Not sure, I was trying to get it working for H323 phones.

| ACSS SME |
 
Ok, for one-x we use SSL certificates to secure it and use TLS as the connection method which just requires it being turned on on the VoIP tab and the firewall be setting up for the correct port (we do not use 5061)

| ACSS SME |
 
I will take a look at those, thank you.
 
You have been so helpful I am ashamed to ask one more question. What we are looking to do is use TLS for the Client (App, Web interface) on the outside to the OneX Box. Is it just a matter of setting Tomkat to use TLS over SSL? Does OneX play nice that way?

Thank you for all your help and patients.
 
I honestly cannot answer that as never done one-x on windows.

WIth the app server one I do, I just add the certificate as above and turn on TLS on the IPO and then it just works.

| ACSS SME |
 
Status
Not open for further replies.

Part and Inventory Search

Sponsor

Back
Top