+- Yealink Forums (http://forum.yealink.com/forum)
+-- Forum: IP Phone Series (/forumdisplay.php?fid=4)
+--- Forum: Configuration (/forumdisplay.php?fid=24)
+--- Thread: Yealink secure certificates and disabling ciphers (/showthread.php?tid=41422)
Yealink secure certificates and disabling ciphers - Scot E. - 12-28-2017 04:52 PM
A recent security scan shows my Yealink phones as having certificate vulnerabilities. Below are examples. Does Yealink offer a more secure certificate? Is there a method for me to disable certain ciphers? Is there a method for me to enable TLS 1.2 and disable earlier versions?
"The remote host supports the use of SSL ciphers that offer weak encryption."
The remote host supports the use of RC4 in one or more cipher suites. The RC4 cipher is flawed in its generation of a pseudo-random stream of bytes so that a wide variety of small biases are introduced into the stream, decreasing its randomness.
The server's X.509 certificate cannot be trusted.
RE: Yealink secure certificates and disabling ciphers - Lucia_Yealink - 12-29-2017 03:40 AM
Dear Customer,
Will follow up your problem via ticket system.
BR
Lucia