T20 TLS Config - Common Name Validation - Printable Version +- Yealink Forums (http://forum.yealink.com/forum) +-- Forum: IP Phone Series (/forumdisplay.php?fid=4) +--- Forum: Configuration (/forumdisplay.php?fid=24) +--- Thread: T20 TLS Config - Common Name Validation (/showthread.php?tid=2530) |
T20 TLS Config - Common Name Validation - janeuner - 10-08-2014 11:34 PM I believe I have found a defect in the Yealink T20 X.509 CN validation process. Is a workaround possible? I have a Yealink T20 with the following configuration: Quote:Firmware Version - 9.71.0.140 I have configured the device with a CA which authenticates the following server certificate... Quote:Certificate: If I set the following parameters under the Security tab, the device registers and handles calls correctly. Quote:Only Accept Trusted Certificates - Enabled However, if I switch Common Name Validation to Enabled, the device will not register. When I inspect the device's syslog, I find the following entries. Quote:Oct 8 15:20:46 SIP [493]: SDL <6+info > [001] SSL_connect succeeded For my applications, the ability to validate server certificates is highly desired. Please advise. RE: T20 TLS Config - Common Name Validation - James_Yealink - 10-10-2014 02:52 PM Hi Janeuner, Firstly please upgrade to V73 firmware and check again. http://forum.yealink.com/forum/announcements.php?aid=8 If the problem persist, please get a pcap/config.bin/level 6 syslog. Our R&D will do an analysis. http://forum.yealink.com/forum/showthread.php?tid=1319 Regards, James RE: T20 TLS Config - Common Name Validation - janeuner - 10-10-2014 10:32 PM Today's V73 beta firmware did the job. Thanks! |