+- Yealink Forums (http://forum.yealink.com/forum)
+-- Forum: IP Phone Series (/forumdisplay.php?fid=4)
+--- Forum: General topics (/forumdisplay.php?fid=15)
+--- Thread: TLS errors (/showthread.php?tid=44644)
TLS errors - jverbarg - 11-05-2020 09:07 PM
Hey, I just got a new batch of T46S phones, a couple will not register over TLS.
Each phone is configured the same, is on the same firmware version: 66.85.0.5
Has the same hardware version: 66.0.0.128.0.0.0
Has a factory installed device certificate
When I do a capture, they all start negotiating over TLS 1.2, same cipher suite selected (0xc014), but on a couple of the devices, after that initial negotiation, the phone initiates a downgrade to TLS 1.0, which my server then rejects.
How do I stop this? Thanks
RE: TLS errors - complex1 - 11-05-2020 09:26 PM
(11-05-2020 09:07 PM)jverbarg Wrote: Hey, I just got a new batch of T46S phones, a couple will not register over TLS.
Each phone is configured the same, is on the same firmware version: 66.85.0.5
Has the same hardware version: 66.0.0.128.0.0.0
Has a factory installed device certificate
When I do a capture, they all start negotiating over TLS 1.2, same cipher suite selected (0xc014), but on a couple of the devices, after that initial negotiation, the phone initiates a downgrade to TLS 1.0, which my server then rejects.
How do I stop this? Thanks
Hi,
Please add next to your provisioning file.
Code:
##It configures the TLS version the IP phone uses to authenticate with the server.
static.security.default_ssl_method = 5Hope this will help.
RE: TLS errors - jverbarg - 11-10-2020 08:36 PM
(11-05-2020 09:26 PM)complex1 Wrote: Please add next to your provisioning file.
Code:
##It configures the TLS version the IP phone uses to authenticate with the server.
static.security.default_ssl_method = 5
Tried that, and I know the setting is applying because when I export the config from the phone, it's in there:
Code:
#!version:1.0.0.1
### This file is the exported MAC-static.cfg.
static.network.wifi.internet_port.type = 0
static.network.wifi.ip_address_mode = 0
static.network.wifi.ipv6_icmp_v6.enable = 1
static.network.wifi.ipv6_internet_port.type = 0
static.network.wifi.ipv6_prefix = 64
static.network.wifi.ipv6_static_dns_enable = 0
static.network.wifi.preference = 0
static.network.wifi.static_dns_enable = 0
static.security.default_ssl_method = 5
static.watch_dog.enable = 0Still doesn't work.
RE: TLS errors - complex1 - 11-10-2020 09:18 PM
Best to do for now is to submit a support ticket at Yealink.
https://ticket.yealink.com/