SSL Certificate

The SSL certificate configuration section provides access to control the certificate used by Client Applications (Phone Manager Desktop/Mobile, Call Recorder Client) and the web site for HTTPS if required. By default, a self-signed certificate is created by the MCS when it is installed. This is used by clients to communicate back to the MCS. This means the data sent between Phone Manager and MCS is encrypted. Alternatively a certificate may be purchased from a trusted certificate authority and installed on the MCS. When doing this, the DNS name used for the server/certificate must be accessible both internally and externally by the Phone Manager clients.

Optionally, when adding a certificate from a trusted authority, it can also be applied to the website and real-time services so that access to the configuration, Real-Time Dashboard/Wallboard and Call Recorder are all over HTTPS.

Certificate Properties

The properties of the certificate currently in use by the system are displayed on the page.

Status -> Self-Signed or Trusted
Certificate Expiry -> The date the certificate will expire
Hostnames -> The hostnames the certificate is currently supporting
Usage -> Indicates whether the certificate is just being used for client applications or the website as well

The hostnames used for the certificate need to match those configured in the Client Locations section. If using a self-signed certificate, the certificate will be regenerated automatically anytime these addresses get updated.

Requesting/Using a Trusted Certificate

To improve security and simplify Phone Manager Mobile client installations, a trusted certificate can be purchased and applied to the server. This is now required for mobile clients running iOS 15 or greater.

For more information on enabling HTTPS on the website, please refer to the Enabling HTTPS section.

A restart of the system is required for certificate changes to take effect.

If using a trusted certificate, it must be updated any time the local or remote addresses in the Client Locations section are updated.

Unbinding

To revert back to a self-signed certificate and remove a certificate that has been applied to the solution, press the 'Unbind from website' option at the bottom of the current certificate's information:

Using this option will unbind the certificate from the website and update the bindings in IIS, disabling the enforced SSL usage on the website.

To stop the certificate being used for Phone Manager Client connections, follow these steps:

Open MMC.exe
Add the Certificates snap-in for the Local Computer
In the snap-in, expand 'Personal -> Certificates'
Find the certificate with the friendly name "MCS - Phone Manager client connections", edit this and change the friendly name to something else (put OLD at the end etc)
Restart the MCS services
New self-signed certificates will be generated