Yealink Forums

Full Version: HTTPS Certificates
You're currently viewing a stripped down version of our content. View the full version with proper formatting.
Hi all,
I need your advice re SSL trusted certificates initially built into Yealink phones. We have requested and got signed SSL wildcard certificate for our provisioning server signed by Thawte (CA). Unlike other devices and web browsers who are able to recognize trusted certificate, Yealink phones (in this case T28p) are not able to do it. Although we can see trusted certificate from Thawte which came on the phone (see attachment), we are getting certificate error in the phone's logs. Could you comment on this?

It’s very important to us to get phones working out of the box with the built in proper trusted certificate list. In our case this is Thawte.

This is the log output for the initial HTTPS setup process:

Apr 30 19:06:31 LIBD[397]: DCMN<6+info > Connecting IP =, Port = 443
Apr 30 19:06:31 LIBD[397]: DCMN<6+info > SSL_connect (read done)
Apr 30 19:06:31 LIBD[397]: DCMN<6+info > Server Certificate verify error!
Apr 30 19:06:31 LIBD[397]: HTTP<3+error > Connect Error
Apr 30 19:06:31 ATP [397]: ATP <3+error > https to file failed, code = -3, msg = Connect Failed, retry = 3
Apr 30 19:06:31 ATP [397]: ATP <4+warnin> Download mac.cfg fail

The screen shot of the phone’s security configuration is attached along with the wireshark trace from the phone. Have a look at the packet 285 from the phone in the trace.

Thanks, Tomislav
Dear Tom,

Please check your Private Message.
Thanks and regards
Since the reply was sent through private message, the rest of us don't get to hear the solution.

It appears to me that the yealink phones (T32G in my case) don't know how to speak modern SSL. I am on the latest firmware. Is there any solution for these phones, other than to disable SSL?

Do you have a list of yealink phones that aren't compatible with modern https servers?
Reference URL's