03-10-2016, 08:32 AM
I have been using a self-signed cert and it has been working great with four different models of Yealink phones. I am now trying to use a wildcard certificate from GoDaddy and running into problems. The certificate will be accepted if I do not enable "Only Accept Trusted Certificates", but if I enable it, the lines will not register. I have uploaded the CA cert given to me by GoDaddy in addition to the GoDaddy root certificate and even the certificate itself to the Trusted Certificate store. I have the level 6 log and the certificates if needed for troubleshooting. I'm not sure what to do. I have tried everything I could. It works fine with my self-signed cert (not a wildcard) and CA, but not with my wildcard cert. Any thoughts?
Mar 10 00:30:50 SIP [371]: SDL <6+info > [000] SSL_connect (read done)
Mar 10 00:30:50 SIP [371]: SDL <6+info > [000] SSL_connect succeeded
Mar 10 00:30:50 SIP [371]: SDL <6+info > [000] SSL_is_init_finished done
Mar 10 00:30:50 SIP [371]: SDL <6+info > [000] tls_connect: remote certificate: subject:/OU=Domain Control Validated/CN=*.REMOVED.com
Mar 10 00:30:50 SIP [371]: SDL <6+info > [000] tls_connect: remote certificate: issuer: /C=US/ST=Arizona/L=Scottsdale/O=GoDaddy.com, Inc./OU=http://certs.godaddy.com/repository//CN=Go Daddy Secure Certificate Authority - G2
Mar 10 00:30:50 SIP [371]: SDL <3+error > [000] Failed to verify remote certificate
Mar 10 00:30:50 SIP [371]: SDL <6+info > [000] verification failure: self signed certificate in certificate chain
Mar 10 00:30:50 SIP [371]: SDL <6+info > [000] SSL_connect (read done)
Mar 10 00:30:50 SIP [371]: SDL <6+info > [000] SSL_connect succeeded
Mar 10 00:30:50 SIP [371]: SDL <6+info > [000] SSL_is_init_finished done
Mar 10 00:30:50 SIP [371]: SDL <6+info > [000] tls_connect: remote certificate: subject:/OU=Domain Control Validated/CN=*.REMOVED.com
Mar 10 00:30:50 SIP [371]: SDL <6+info > [000] tls_connect: remote certificate: issuer: /C=US/ST=Arizona/L=Scottsdale/O=GoDaddy.com, Inc./OU=http://certs.godaddy.com/repository//CN=Go Daddy Secure Certificate Authority - G2
Mar 10 00:30:50 SIP [371]: SDL <3+error > [000] Failed to verify remote certificate
Mar 10 00:30:50 SIP [371]: SDL <6+info > [000] verification failure: self signed certificate in certificate chain