Xactview + SSL + Active Directory

Owned by Nathaniel Halbrooks
Dec 12, 2023
3 min read

Some customers needs to use SSL on Xactview and also some of them syncs their users with Active Directory, this guide will shows how to enable SSL and a fix for the known issue when syncing AD users. 

 

  1. We need to verify that Xactview server is running (Admin > iSymphonyV3) we should see something like this:

 

 

 

  1. We need to be running a valid certificate, I will use my domain:

mypbx.rocks with LetsEncrypt as an example.

 

  1. We are going to run these commands on the CLI: (be sure to replace mypbx.rocks for the customer's fqdn)

 

openssl pkcs12 -export -in /etc/asterisk/keys/mypbx.rocks/fullchain.pem -inkey /etc/asterisk/keys/mypbx.rocks/private.pem -name isymphony -out isymphony.pkcs12

That command is going to ask you for a password, you will have to re-submit the password. I used abc1234 as a password.

 

keytool -importkeystore -deststorepass isymphony -destkeypass isymphony -destkeystore isymphony.jks -srckeystore isymphony.pkcs12 -srcstoretype PKCS12 -alias isymphony

That command is going to convert the pcks12 file into a jks file (needed by iSymphony)

You need to copy the jks file into /opt/xactview3/server/conf/   so run this command:

 

cp ./isymphony.jks /opt/xactview3/server/conf

  1. We need to edit security.xml you will find that file on /opt/xactview3/server/conf

 

We are going to replace line 5 ( <SSLKeystore filename="" keystorePassword="" keyPassword="" certAlias="" /> ) with this line:

 

 

Also, as we need to access to the Administrator Panel and the Client Panel we are going to search for the servlets, you will need replace 

<SSL enabled="false" /> to <SSL enabled="true" /> only on the servlets you need to have access.

In this example I only enabled it on servlets "client" and "administrator" (at the bottom of the file)

 

Client servlet:

     

 

Administrator servlet:

 

 

We save the file and we restart the service with:  service XactViewServerV3 restart

 

Now, we are almost done, you need to go again to Admin > iSymphonyV3 and change the port (default is 58080, SSL uses 55050) also, you need to check "Use SSL" at the Server API Connection Settings.

That means customer needs to open port 55050 on his router in order to be able to access from outside the box.

 

 

 

After that, XactView should be working from outside using SSL =)

 

 

 

 

 

Finally, if the customer is using AD, you need to do this:

 

Edit file /opt/xactview3/server/jvm.args and add this inside:

 

 

 

 

If your XactView does not have ssl configured, change the port to "80" and protocol to "http" respectively.

Finally, you need to restart the service in order to apply the changes, after that AD users should be able to login to your XactView.

Return to Documentation Home I Return to Sangoma Support