If you are using PBXware version 4.1 and later, you can easily create and download your PBXwares private key and CSR files from PBXware Setup Wizard, in order to send them to certificate authorities:
HOWTO SSL Certificate Installation Guide
To start generating your certificate login to your PBXware shell. At the prompt, enter:
openssl req -new -newkey rsa:2048 -nodes -keyout server.key -out server.csr
where server is the name of your server.
This will begin the process of generating two files: the Private-Key file for the decryption of your SSL Certificate, and a certificate signing request (CSR) file used to apply for your SSL Certificate.
When you are prompted for the Common Name enter fully qualified domain name for the site you are securing. If you are generating an Nginx CSR for a Wildcard SSL Certificate make sure your common name starts with an asterisk (e.g. *.example.com).
After that, you will be prompted for your organizational information, beginning with geographic information.
Your .csr file will then be created.
Save (backup) the generated .key file as it will be required later when installing your SSL certificate in Nginx.
In order to install certificate on your PBXware 3.8 you'll need to obtain it from certain certification authority. Once you get signed certificate you'll need to import it to PBXware.
First, copy your certification files to
/opt/pbxware/pw/etc/ssl/nginx/
After you did that, navigate to /opt/pbxware/pw/etc/ssl/nginx/
cd /opt/pbxware/pw/etc/ssl/nginx/
Your certificate files need to be renamed accordingly to:
nginx.crt nginx.key
but before you rename these files, it is suggested to create a backup of existing nginx.crt and nginx.key files:
mv nginx.crt nginx.crt.bak mv nginx.key nginx.key.bak
Now, rename your certificate files:
mv your-certificate.crt nginx.crt mv your-certificate.key nginx.key
You had to rename your files in order for paths to match nginx.conf settings:
##ssl portion server { listen 0.0.0.0:443; server\_name localhost; server\_name\_in\_redirect off; root /home/sitemanager/admin; ssl on; ssl\_certificate /etc/ssl/nginx/
**nginx.crt**
; ssl\_certificate\_key /etc/ssl/nginx/
**nginx.key**
; ssl\_ciphers ALL:!aNULL:!ADH:!eNULL:RC4+RSA:+HIGH:+MEDIUM:!LOW:!EXP; ssl\_prefer\_server\_ciphers on;
NOTE: Do not edit SSL certificate and SSL certificate key paths in nginx.conf so they match your files name and location, as on PBXware update nginx.conf file will get reverted to it's default settings and your certificate keys will not work.
Final step is to restart Nginx.
Stop nginx using command:
/opt/pbxware/sh/nginx -s stop
Start nginx with:
/opt/pbxware/sh/nginx