vaheeD khoshnouD

linux, mikrotik, macosx

How to install ACME2 SSL Certificate On ViciDial

Written by vaheeD on October 20, 2020
0.00 avg. rating (0% score) - 0 votes

Just realized that client isnt ACME2 compatible. I recommend you do the following: 


zypper in socat
wget -O -  https://get.acme.sh | sh

Then create this script and run it. Syntax is -e [email protected] -d vicidial.testdomain.com 


#!/bin/bash

while getopts ":e:d:" options; do
    case "${options}" in
        e)
           EMAIL=${OPTARG} ;;
        d)
      DOMAIN=${OPTARG} ;;
        :) echo "Error: -${OPTARG} requires an argument."; exit 1;;
        *) echo "Internal error!" ; exit 1 ;;
    esac
done

if [ -z "$EMAIL" ]
then
   echo "Missing -e Email option!"
   exit 1
fi
if [ -z "$DOMAIN" ]
then
   echo "Missing -d Domain option!"
   exit 1
fi

mkdir /etc/certbot/live/$DOMAIN
/root/.acme.sh/acme.sh --issue -d $DOMAIN -w /srv/www/htdocs/ --cert-file /etc/certbot/live/$DOMAIN/cert.pem --key-file /etc/certbot/live/$DOMAIN/privkey.pem --fullchain-file /etc/certbot/live/$DOMAIN/fullchain.pem --accountemail $EMAIL

sed -i "/SSLCertificateFile/c\\\tSSLCertificateFile /etc/certbot/live/$DOMAIN/cert.pem" /etc/apache2/vhosts.d/1111-default-ssl.conf
sed -i "/SSLCertificateKeyFile/c\\\tSSLCertificateKeyFile /etc/certbot/live/$DOMAIN/privkey.pem" /etc/apache2/vhosts.d/1111-default-ssl.conf
sed -i "/SSLCACertificateFile/c\\\tSSLCACertificateFile /etc/certbot/live/$DOMAIN/fullchain.pem" /etc/apache2/vhosts.d/1111-default-ssl.conf
sed -i "/tlscertfile=/c\\tlscertfile=/etc/certbot/live/$DOMAIN/cert.pem" /etc/asterisk/http.conf
sed -i "/tlsprivatekey=/c\\tlsprivatekey=/etc/certbot/live/$DOMAIN/privkey.pem" /etc/asterisk/http.conf
/usr/sbin/rasterisk -x 'module reload http'
/sbin/service apache2 restart

echo "  If this is a telephony server you will need to modify the 'Web Socket URL'"
echo "  field for this server under the Admin --> Servers section. It will need to be"
echo "  changed to :"
echo "    wss://$DOMAIN:8089/ws"
echo
echo "  You will also need to modify the 'webRTC' template under the Admin --> Templates"
echo "  section. You want to change the following options under the "
echo "  'Template Contents' :"
echo "    dtlscertfile=/etc/certbot/live/$DOMAIN/cert.pem"
echo "    dtlsprivatekey=/etc/certbot/live/$DOMAIN/privkey.pem"

Now chmode your script and run …

0.00 avg. rating (0% score) - 0 votes

Posted Under: Linux

About vaheeD

Leave a Reply

Your email address will not be published. Required fields are marked *

Protected by WP Anti Spam