STARFACE WIKI (English)

Seitenhierarchie

Suche

Sie zeigen eine alte Version dieser Seite an. Zeigen Sie die aktuelle Version an.

Unterschiede anzeigen Seitenhistorie anzeigen

Version 1 Aktuelle »

Web interface of the STARFACEMenu "Configuration"Menu "Server"Tab "Web Server"

The HTTPS service is also activated by default for the STARFACE web server in addition to the HTTP service. Both services are available on the default port numbers (80 and 443), and they can also be changed in the respective fields. The Force redirect to HTTPS option makes access to the STARFACE web interface only possible over HTTPS.

Note: If the HTTP service is deactivated or if the default port 80 is modified, problems with independent connections can occur with the address book on SIP telephones, for example.

A certificate is required for the web server to use HTTPS. A provisional certificate is already stored in STARFACE. An entry mask opens when the "New Certificate button" is pressed. Two pieces of information are required under all circumstances in this mask:

  • Server name           This information refers to the domain for which the certificate is to be valid.
  • Days of validity       This information refers to how long the certificate is to be valid for in days.

The domain name must be complete and correct, e.g. companyname.net (without https://). Generally speaking, a certificate is not valid for possible sub-domains, but what are known as “wildcard certificates” are an exception to this rule. To meet the purpose of a server certificate, the certificate must be signed by a certificate authority (CA). A selection of recognized certificate authorities can be found in the settings of the web browser used.

Note: Please also note the respective certificate authorities’ requirements and conditions for this process.

An encrypted file of the certificate is generated using the "Certificate Request" button. The content of the window must be copied and sent to the selected certificate authority by e-mail. The certificate authority checks the application and sends the signed certificate back, generally by e-mail.

The signed certificate is imported using the "Import Certificate Response" button; a new window with two text boxes opens during this process. The certificate authority’s signed certificate is copied to the top text box. Since the structure of the feedback from the various certification authorities can be very different, it is recommended that all received certificates (with the exception of the root certificate of the certification authority) be copied together in the following form:

-----BEGIN CERTIFICATE-----
           CA Zertifikat
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
         Intermediate Zertifikat 1
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
          Intermediate Zertifikat 2
-----END CERTIFICATE-----

It should be noted that there is not always an intermediate certificate or there may be more than 2 intermediate certificates.
Note: It must be noted that no empty blank lines and spaces are inserted during the copying process.

The certificate authority’s root certificate is copied to the bottom text field.

  • Keine Stichwörter