ViciBox supports SSL out of the box with a self-signed certificate. While functional, it is not recommended to use this certificate at all. It’s merely a place-holder for a real SSL certificate.

For clusters it’s recommended to use a wildcard SSL certificate. These are available from several Certificate Authorities including the free providers. Commercial SSL providers tend to be less problematic and require yearly renewals. The free SSL providers generally require that the certificate be renewed every 30 to 90 days through an automated process. It’s this automated process in conjunction with firewalls that tends to be an issue.


Before SSL can be setup the server needs a Fully Qualified Domain Name aka ‘FQDN’. For example, if ‘’ is the FQDN for the server then the ViciDial web interface should be accessible at ‘’ in a web browser. Until this is correctly working no SSL certificate ever will.

Common Files

To help SSL certificates work across a cluster without requiring multiple webRTC templates there is a common file location that Apache and Asterisk is configured to use. By default the self-signed certificate is located there. To install your own certificates a symlink should be created from the actual SSL certificate to the common one.

Common SSL files

File Location



Public Certificate


Certificate Key


Optional Certificate Authority Chain


If vicibox-ssl is used then no common configuration is needed. The common config is handled as part of it.


The SSL certificates can be symlinked to the common vicibox certificates to help simplify setup.

Configure common SSL
cd /etc/apache2/ssl.crt
mv vicibox.crt vicibox.crt.old
ln -s /file/path/to/ssl.crt vicibox.crt
cd /etc/apache2/ssl.key
mv vicibox.key vicibox.key.old
ln -s /file/path/to/ssl.key vicibox.key
service apache2 restart
asterisk -rx "core restart now"

Verify that SSL is working by going to in a web browser. If there are no SSL warnings then it’s installed correctly.

ViciBox SSL

To help secure the web interface on the internet ViciBox comes with vicibox-ssl. This script sets up free SSL certificates through the Let’s Encrypt certificate authority and the client. There is also an included script designed to help renew SSL certs when the local firewall is running. This is all handled automatically during the setup.

Example SSL settings



Fully Qualified Domain Name (FQDN)

EMail Alert Address


  1. If not already, login as the root user to get to the # command prompt.

  2. Type vicibox-ssl and press ENTER to start the setup process.

  3. Type in the EMail address to use for the SSL certificate, I.E.

  4. Type in the FQDN to use for the SSL certificate, I.E.

  5. After reviewing the typed in information, press Y and then ENTER to start the automated setup process. If the SSL setup fails for whatever reason an error message will be displayed.

  6. After an SSL certificate is generated, press Y and press ENTER to enable the new certificate in Apache and Asterisk

  7. Press Y and ENTER to setup the needed crontab entry for cert renewal

  8. Once back at the # command prompt, verify that Asterisk has loaded the SSL certs by running asterisk -rx "http show status". It should say HTTPS Server Enabled.

  9. The last test is to go to and verify that the browser is secure.


Run vicibox-ssl
Run vicibox-ssl and setup SSL certificate
Setup new SSL cert
Setup new SSL cert and crontab
Verify Asterisk loaded new cert
Verify new SSL certificate is loaded in Asterisk
Verify https in web browser
Verify the web browser connects via SSL