3CX TLS Setup
3CX TLS Setup
1. Contact Voxtelesys
You will need to reach out to Voxtelesys and schedule a time to move your trunk to TLS/SRTP, this feature will be coming to the https://portal.voxtelesys.net/ soon but for now it requires a ticket with [email protected]
2. Verify your Voxtelesys Domain on your 3CX
Open your Voxtelesys SIP trunk and ensure that your Registrar/Server/Gateway Hostname or IP is set to 3cx.pstn.voxtelesys.net
If you have a unique domain name like xxxxxx-xxxx.sip.voxtelesys.net then reach out to support and request a new registration domain.
3. 3CX Trunk Updates
Go to Options and change the following settings:
-
SRTP Mode = Enabled
-
Transport Protocol = TLS
Before saving the trunk settings we will need to upload the root certificate for the domain.
4. Download the Root Certificate
Go to https://letsencrypt.org/certificates and download the Active "PEM" certificate.
5. Load Cert into 3CX
Go back to the 3CX and upload the certificate under options > Transport Protocol = TLS > Click "Upload"
You should now see an expiration date.
Save the Trunk settings
6. Verify with Voxtelesys
Let Voxtelesys support know that the TLS/SRTP is in place on the 3CX trunk and support will verify the correct settings are enabled on your trunks!
Take note!
Incompatibility issues have been observed with custom FQDN's (non-3CX provided domains). Contact support for more information and a possible work-around.