3cx Debian Letsencrypt automatic certificate FQDN update

apt install vim
cp -a vim /etc/nginx/sites-available/default /etc/nginx/sites-available/YOURFQDN.conf
vim /etc/nginx/sites-available/YOURFQDN.conf

Change
server_name _;
To
server_name YOURFQDN.com;

Example: server_name try.try.com;

Save

Enable website:

ln -s /etc/nginx/sites-available/YOURFQDN.conf /etc/nginx/sites-enabled/

reload nginx

service nginx reload

Install certbot for nginx:

sudo apt update
sudo apt install python3-acme python3-certbot python3-mock python3-openssl python3-pkg-resources python3-pyparsing python3-zope.interface
sudo apt install python3-certbot-nginx

Generate certificate

certbot –nginx -d YOURFQDN.com

Find certificate path in nginx YOURFQDN.conf file

ssl_certificate /etc/letsencrypt/live/YOURFQDN.com/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/YOURFQDN.com/privkey.pem; # managed by Certbot

These al SYM LINK, so find the right file using ls -l in the /etc/letsencrypt/live/YOURFQDN.com/ directory

Find 3cx default istance certificate folder opening /etc/nginx/sites-enable/3cxpbx

ssl_certificate /var/lib/3cxpbx/Bin/nginx/conf/Instance1/YOURFQDN.com-crt.pem;^M
ssl_certificate_key /var/lib/3cxpbx/Bin/nginx/conf/Instance1/YOURFQDN.com-key.pem;^M

Now create a .sh file in your home folder

vim /home/root/certcopy.sh

cp -a /etc/letsencrypt/archive/YOURFQDN.com/fullchain1.pem /var/lib/3cxpbx/Bin/nginx/conf/Instance1/
cp -a /etc/letsencrypt/archive/YOURFQDN.com/privkey1.pem /var/lib/3cxpbx/Bin/nginx/conf/Instance1/
chown phonesystem:phonesystem /var/lib/3cxpbx/Bin/nginx/conf/Instance1/*.pem
mv /var/lib/3cxpbx/Bin/nginx/conf/Instance1/fullchain1.pem /var/lib/3cxpbx/Bin/nginx/conf/Instance1/YOURFQDN.com-crt.pem
mv /var/lib/3cxpbx/Bin/nginx/conf/Instance1/privkey1.pem /var/lib/3cxpbx/Bin/nginx/conf/Instance1/YOURFQDN.com-key.pem

Close and save
Add execution permission to file

chomod +x /home/root/certcopy.sh

Create BK of your 3cx certificate

mkdir /home/root/bk
cp -a /var/lib/3cxpbx/Bin/nginx/conf/Instance1/* /home/root/bk/

run sh script
cd /home/root/
./certcopy.sh

Restart nginx

service nginx restart

Test your web 3cx config page to check certificate issue. If ok create crontab

crontab -e
/30 * * * * /home/root/certcopy.sh

Every 30 minute your certificate will be updated with the letsencrypt generated.

3cx Debian Letsencrypt automatic certificate FQDN update

Share This Story, Choose Your Platform!

Titolo