Yealink Forums

Full Version: SHA1 certificates: A BIG problem
You're currently viewing a stripped down version of our content. View the full version with proper formatting.
Ok, as Yealink will be aware I'm sure, it is no longer possible to get SHA1 certificates through the usual CAs. This is a BIG problem for our installed base out there, as the vast majority of handsets cannot accept SHA256 certificates.

I appreciate that there is a guide on how to disable the trusted certificates manually on the phone, or upgrade the firmware but this does not help us. And this is not autoprovisioning!

Yealink handsets have a Yealink CA loaded into them by default, so it stands to reason that Yealink can generate certificates for RPS servers. I have contacted Yealink UK and they seem to agree that this is possible, but are quoting long delays as the request will need to go via China.

This is an urgent issue for us as we need to renew the certificate on our RPS server, and we have a customer (the first of many, I'm sure) who is trying to restore the config on one of his phones.

We need a fix for this URGENTLY. Yealink have a duty to assist in this situation! Please advise!!

We are very worried about your issue,and I will FW your infomation to my colleage,he will help you ASAP.


+1 as we are in the same position. We are having to consider using HTTP until this problem is resolved which is a complete failure from a security perspective. Do hope Yealink come up with a solution very quickly indeed.
Support please advise on status of this.
Reference URL's