+- Yealink Forums (http://forum.yealink.com/forum)
+-- Forum: Dect Phone Series (/forumdisplay.php?fid=6)
+--- Forum: W56P(Wireless) (/forumdisplay.php?fid=57)
+--- Thread: Unable to establish secure connection with CUCM (/showthread.php?tid=41715)
Unable to establish secure connection with CUCM - Georgi - 04-16-2018 02:02 PM
Hello community,
I am trying to deploy W56 phone with CUCM using TLS/SSL between them.
Disabling SSL the phone registers and works just fine. But when I enable secure communication I can't get the phone to register. TLS handshake can't be established.
I've done a packet capture and what I see is that we have the client and server Hello and the server requests certificate. Then the phone sends its own certificate, but the CUCM server rejects it with "Unknown CA" error.
My question is how to get the phone certificate and upload it in CUCM so I can make CUCM trust the phone? Or am I doing something wrong here? Is there someone who has this kind of setup? I would appreciate any help!
Regards!
RE: Unable to establish secure connection with CUCM - Lucia_Yealink - 04-17-2018 03:33 AM
HI Georgi,
For your problem, you can upload your server certificate mannualy on phone WUI to solve this issue.
Please refer to the picture attach to upload the file.
[attachment=4951]
Best Regards,
Lucia
RE: Unable to establish secure connection with CUCM - Georgi - 04-18-2018 11:54 AM
(04-17-2018 03:33 AM)Lucia_Yealink Wrote: HI Georgi,
For your problem, you can upload your server certificate mannualy on phone WUI to solve this issue.
Please refer to the picture attach to upload the file.
Best Regards,
Lucia
Hello Lucia,
I did upload the server certificate of CUCM to the phone in the Trusted Certificate section. The phone still sends the "support@yealink.com" signed certificate and CUCM rejects it.
Is there a way to make the phone use exactly the certificate I uploaded and not its own?
Thank you for your help!
Regards,
Georgi
RE: Unable to establish secure connection with CUCM - Lucia_Yealink - 04-20-2018 02:14 AM
HI Georgi,
Please send the certificate, the level 6 syslog, config.bin and PCAP when you reproduce the issue to us.
Refer to the FAQ below to collect the files:
http://support.yealink.com/faq/faqInfo?id=707
BR
Lucia