Wednesday, August 5, 2020

How to set up Let's Encrypt SSL with 3CX V16

1.       Download the file named le64.zip from the link below.

https://github.com/do-know/Crypt-LE/releases

 

2.       Create a folder in C:\ and unzip the file there, for example C:\bat

3.       Now create a .bat file containing the script below and save it in the C:\bat folder

c:\bat\le64.exe --legacy --email address@domain.com.mv --key account.pbx.domain.com.mv.key --csr pbx.domain.com.mvcsr --csr-key pbx.domain.com.mv-key.pem --crt pbx.domain.com.mv-crt.pem --domains "pbx.domain.com.mv" --path C:\ProgramData\3CX\Instance1\Data\Http\webroot\.well-known\acme-challenge --generate-missing --unlink --live

copy /Y  pbx.domain.com.mv-key.pem  "%programfiles%\3CX Phone System\Bin\nginx\conf\instance1"

copy /Y pbx.domain.com.mv-crt.pem "%programfiles%\3CX Phone System\Bin\nginx\conf\instance1"

·         The email address should be a valid one

·         Wherever pbx.domain.com.mv is mentioned, replace it with your own domain name (FQDN)

·         You may have to create the folders .well-known\acme-challenge. To create a folder whose name starts with a dot, open cmd and type mkdir .well-known

 

4.       Navigate to the folder path C:\Program Files\3CX Phone System\Bin\nginx\conf and edit file nginx.conf as below (make sure you take a backup of this file before editing)


 

5.       Navigate to the folder path C:\Program Files\3CX Phone System\Bin\nginx\conf\instance1 and rename the files within the folder as

6.       Now make sure port 80 (HTTP) is allowed through your firewall to the server (port forwarding or NAT). The nginx server's HTTP port is 5000, so you can add a PAT rule with outside port 80 and inside port 5000.

7.       Now run the script file from C:\bat (script file created at step 3)

8.       If everything goes right without error, you will find the response below from the script file.

C:\bat>BAT.BAT

C:\bat>c:\bat\le64.exe --legacy --email email@domain.com.mv --key account.pbx.taviyani.com.mv.key --csr pbx.domain.com.mvcsr --csr-key pbx.domain.com.mv-key.pem --crt pbx.domain.com.mv-crt.pem --domains "pbx.domain.com.mv" --path C:\ProgramData\3CX\Instance1\Data\Http\webroot\.well-known\acme-challenge --generate-missing --unlink --live

2020/08/05 12:59:10 [ ZeroSSL Crypt::LE client v0.35 started. ]

2020/08/05 12:59:10 Loading an account key from account.pbx.domain.com.mv.key

2020/08/05 12:59:10 Loading a CSR from pbx.domain.com.mvcsr

2020/08/05 12:59:13 Registering the account key

2020/08/05 12:59:14 The key is already registered. ID: 89317188747

2020/08/05 12:59:14 Current contact details: email@domain.com.mv

2020/08/05 12:59:15 Successfully saved a challenge file 'C:\ProgramData\3CX\Instance1\Data\Http\webroot\.well-known\acme-challenge/egL13sDn4wIGA5nmBUrWRT1LAgIg8S6JqIaG4b-k89hERqU' for domain 'pbx.domain.com.mv'

2020/08/05 12:59:18 Domain verification results for 'pbx.domain.com.mv': success.

2020/08/05 12:59:18 Challenge file 'C:\ProgramData\3CX\Instance1\Data\Http\webroot\.well-known\acme-challenge/egL13sDn4wIA5nmBUrWRLAgIg8SJqIaG4b-k89hERqU' has been deleted.

2020/08/05 12:59:18 Requesting domain certificate.

2020/08/05 12:59:19 Requesting issuer's certificate.

2020/08/05 12:59:19 Saving the domain certificate to pbx.domain.com.mv-crt.pem.

2020/08/05 12:59:19 Saving the issuer's certificate to pbx.domain.com.mv-crt.ca.

2020/08/05 12:59:19 The job is done, enjoy your certificate!

C:\bat>copy /Y  pbx.domain.com.mv-key.pem  "C:\Program Files\3CX Phone System\Bin\nginx\conf\instance1"

        1 file(s) copied.

C:\bat>copy /Y pbx.domain.com.mv-crt.pem "C:\Program Files\3CX Phone System\Bin\nginx\conf\instance1"

        1 file(s) copied.

C:\bat>


Now create a scheduled task to run every 90 days
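
Let's Encrypt certificates are valid for 90 days, so the scheduled job benefits from checking how long the deployed certificate has left and confirming that a run actually replaced it. The PowerShell wrapper below is an added example, not part of the original post or of Crypt-LE; it assumes the step 3 script is saved as C:\bat\BAT.BAT (the name shown in the output above) and uses an assumed 30-day renewal threshold.

```powershell
# Added example: run the step 3 batch file only when the deployed certificate
# is close to expiry, then verify that a newer certificate is in place.
param(
    [string]$Fqdn      = 'pbx.domain.com.mv',   # replace with your FQDN
    [string]$CertDir   = "$env:ProgramFiles\3CX Phone System\Bin\nginx\conf\instance1",
    [string]$RenewBat  = 'C:\bat\BAT.BAT',      # assumed name of the step 3 script
    [int]   $RenewDays = 30                     # assumed renewal threshold
)

function Get-CertDaysLeft([string]$Path) {
    # Days until the certificate's NotAfter date; -1 if the file is missing or unreadable.
    if (-not (Test-Path -LiteralPath $Path)) { return -1 }
    try {
        $cert = [System.Security.Cryptography.X509Certificates.X509Certificate2]::new($Path)
        return [int][math]::Floor(($cert.NotAfter - (Get-Date)).TotalDays)
    } catch {
        return -1
    }
}

$certPath = Join-Path $CertDir "$Fqdn-crt.pem"
$before   = Get-CertDaysLeft $certPath

if ($before -ge $RenewDays) {
    Write-Output "${Fqdn}: $before days left, nothing to do."
    exit 0
}

Write-Output "${Fqdn}: $before days left, running $RenewBat"
Push-Location (Split-Path $RenewBat)   # the batch file uses relative file names
& cmd.exe /c $RenewBat
Pop-Location

# The batch file ends with copy commands, so its exit code says nothing about
# le64.exe itself. Compare the certificate's remaining lifetime instead.
$after = Get-CertDaysLeft $certPath
if ($after -le $before) {
    Write-Error "${Fqdn}: renewal did not replace the certificate ($after days left)."
    exit 1
}
Write-Output "${Fqdn}: renewed, $after days left."
```

Scheduling this wrapper daily leaves room to notice and retry a failed run before the certificate expires; the non-zero exit code shows up as the task's last run result.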