Let’s Encrypt is a free, automated, and open Certificate Authority (CA). It enables you to obtain a valid web server certificate simply by providing your domain settings and then clicking a button. The acquired certificate is uploaded, installed, monitored and renewed automatically. You do not need to generate a certificate signing request (CSR) or go through the manual process of installing the certificate. These steps are handled by the CA and the local MSL server, and are invisible to you.
Programming Steps
To implement a Let's Encrypt SSL certificate, complete the following procedures:
To request a Let's Encrypt SSL certificate:
Field Name |
Description |
Status |
Indicates the status of the certificate, either enabled (successfully installed and active) or disabled (not successfully installed and inactive) |
Contact E-Mail |
Enter the email address of the administrator who Let's Encrypt should contact to deal with issues of certificate recovery or registration. |
Common Name |
Enter the common name to which you plan to apply your certificate. A web browser checks this field. It is required. The common name must be entered as a fully-qualified domain name (FQDN) that is publicly resolvable. Do not enter a domain name with a wild card character (e.g. *.example.com) because Let's Encrypt does not support wild card certificate requests. |
Alternate Name(s) |
Enter the domain name for each service (or "virtual host") in the LAN that you want to include in this certificate. For example, if your deployment includes a number of MSL application servers on the LAN, you would enter the FQDN of each server such as micollab.mitel.com, mivb.mitel.com, and micollabclient.mitel.com. If these addresses are not configured correctly, remote client access to the LAN-based services will be denied. The FQDNs must be publicly resolvable. |
Click Get Certificate. The Let's Encrypt system generates the certificate and returns it to the MSL system for automatic installation. If there are any problems with the certificate request or installation, an error message is displayed. If there are no problems, the Status field displays "enabled," indicating that the certificate has been successfully installed and is now active.
To modify a Let's Encrypt SSL certificate request:
To uninstall a Let's Encrypt SSL certificate and resume using the self-signed certificate:
To view details regarding currently installed web server certificate:
Field Name |
Details |
Issuer |
Lists the following information for the certificate authorization company that issued the certificate: |
C: country code |
|
ST: state or province |
|
L: locality name (for example: city name) |
|
O: name of the certificate authorization authority |
|
OU: name of the organizational unit |
|
CN: server hostname |
|
Authority/emailAddress: email address of the Certificate Authority |
|
Certificate Name |
The Common Name that identifies the fully qualified domain name associated with the certificate. |
Alternate Name(s) |
The FQDNs of each service (or "virtual host") included in the certificate. |
Valid From |
Date and time when the certificate takes effect. |
Expires |
Date and time when the certificate expires. NOTE: Events are raised prior to, and on the date of expiry of the certificate. Ensure to regularly check the event viewer or configure email alerts. Certificate already expired: MAJOR Expires in less than 1 week: MINOR Expires in less than 3 weeks: WARNING |