Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations SkipVought on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

vMiVB 9.0 and Lets Encrypt certificate generation

Status
Not open for further replies.
TCSI17

TCSI17

Vendor
Mar 6, 2018
86
0
0
CA
Hi,
Has anyone been able to successfully get Let's Encrypt cert generation to work on a virtual MiVB specifically?
I can do the Let's Encrypt certs on MBG and MiCollab via the MSL interface fine, but the MiVB Server Manager it won't work.
I have tried to configure the Remote Proxy in MBG to forward the request to MiVB, but I have a feeling its not working as MBG is trying to authenticate the Let's Encrypt request and thus failing the connection verification.
Just curious more than anything, to see if anyone has been able to do this. It's strange that Mitel has that ability in MiVB Server Manager but yet it doesnt work properly. Or they don't have the necessary setup within MBG to properly deal with the MiVB Let's Encrypt certificate validation process...

Once again, thanks for the input.
 
Sort by date Sort by votes
I have not tried this, but MBG proxy may not handle this.
 
Upvote 0 Downvote
I would try upload Let's Encrypt Cert to MBG Proxy, once that's successful, download the Cert from MBG Proxy and upload to other servers (MiVB/MiCollab/etc)
This will remove any SSL cert verification complications as the same SSL auth is used through out.




Clever men learns what Wise men shares!
 
Upvote 0 Downvote
@Valamagules thanks. I was trying to look for an automated way of keeping the MiVB cert up to date via the automatic Let's Encrypt renewal. since Let's Encrypt only issues 3 month certs, it would get hard to manage always exporting and importing the certs every 3 months.

I think i will open a ticket with Mitel Support and see what they say. Seems strange that MiCollab works ok but MiVB does not. It's probably the fact that MBG does not allow virtual directory access to MiVB other than /server-manager/ (or something like that). MiCollab allows more unrestricted access as it has a public portal. I will post back once I get an answer from them.
 
Upvote 0 Downvote
I would try upload Let's Encrypt Cert to MBG Proxy, once that's successful, download the Cert from MBG Proxy and upload to other servers (MiVB/MiCollab/etc)
This will remove any SSL cert verification complications as the same SSL auth is used through out.
Click to expand...

If you do this, just remeber that it will expire and not renew like a normal Let's Encrypt. But it should work as I have done this. On thing I maght ask, does the name of the MiVB resolve externally to the MBG?
 
Upvote 0 Downvote
Yep, the DNS name resolves externally to the MBG. I set the MBG up with Remote Proxy Services to the DNS name of the MiVB. Basically the exact same as i have done for MiCollab.
I'm wondering if it has to do with the 'supported applications' tab in Remote Proxy Services? It says MiVB requires minimum admin level access whereas MiCollab requires minimum user level access. Maybe there are permission differences on the webserver of MiVB? Just a theory. Not really sure exactly how ACME protocol works. I haven't dug into the inner workings yet.
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

Crowtalks
  • Locked
  • Question
MiVB 9.0 MXE III raid question
Replies
2
Views
135
Crowtalks
Crowtalks
Tinos
  • Locked
  • Question
Sip Trunk configuration on vMIVB
Replies
8
Views
129
Lundah
Lundah
Q
  • Question
Issue with Mitel and Avaya Interconnection
Replies
2
Views
394
AH64Armament
AH64Armament
hotelmotelpatel
  • Locked
  • Question
MXEIII password reset Via console port Mi-Voice Business 9.0 1
Replies
2
Views
66
hotelmotelpatel
hotelmotelpatel
idahomitel
  • Question
SX 200 ICP CFNA and xfer problems
Replies
18
Views
250
The mitel guy
The mitel guy

Part and Inventory Search

Sponsor

Back
Top