+- Yealink Forums (http://forum.yealink.com/forum)
+-- Forum: IP Phone Series (/forumdisplay.php?fid=4)
+--- Forum: Auto Provisioning (/forumdisplay.php?fid=14)
+--- Thread: account.X provisioning (/showthread.php?tid=46453)
account.X provisioning - vieri - 02-09-2023 01:55 AM
Hi,
I can't seem to provision settings such as:
account.1.auth_name = sip1234
account.1.display_name = 1234
account.1.label = 1234
account.1.user_name = sip1234
However, the following is provisioned properly (same file):
account.1.enable = 1
account.1.sip_server.1.address = 10.0.0.10
What should I check?
Is there a client log?
Regards
RE: account.X provisioning - complex1 - 02-09-2023 02:24 AM
(02-09-2023 01:55 AM)vieri Wrote: Hi,
I can't seem to provision settings such as:
account.1.auth_name = sip1234
account.1.display_name = 1234
account.1.label = 1234
account.1.user_name = sip1234
However, the following is provisioned properly (same file):
account.1.enable = 1
account.1.sip_server.1.address = 10.0.0.10
What should I check?
Is there a client log?
Regards
Hi,
These parameters should be fine, but you are forgetting the password parameter:
account.1.enable = 1
account.1.label =
account.1.display_name =
account.1.auth_name =
account.1.user_name =
account.1.password = <secret>
account.1.sip_server.1.address =
RE: account.X provisioning - vieri - 02-09-2023 04:49 PM
Hi,
Sorry I can't reply with a fully detailed log because I¡m getting this message from the Yealink forum:
Code:
Akismet has detected that this is a spam message and will not be processed.
If you find this is in error please contact your system administrator.So I'll just make the story short.
This works:
Code:
account.2.enable = 1
account.2.sip_server.1.address = sip.domain.orgCode:
account.2.password = 123401010101010010101010101001010101010101001010101
account.2.auth_name = sip1234
account.2.display_name = 1234
account.2.label = 1234
account.2.user_name = sip4068However, doing the same for account.1 doesn't.
Why?
Is it a bug or a feature/restriction?
EDIT:
My phones are T31G with this firmware.
Code:
Version
Firmware Version 124.86.0.40
Hardware Version 123.1.0.32.2.0.0RE: account.X provisioning - complex1 - 02-09-2023 08:19 PM
(02-09-2023 04:49 PM)vieri Wrote: Hi,
Sorry I can't reply with a fully detailed log because I¡m getting this message from the Yealink forum:
Code:
Akismet has detected that this is a spam message and will not be processed.
If you find this is in error please contact your system administrator.
So I'll just make the story short.
This works:
Code:
account.2.enable = 1
account.2.sip_server.1.address = sip.domain.org
Code:
account.2.password = 123401010101010010101010101001010101010101001010101
account.2.auth_name = sip1234
account.2.display_name = 1234
account.2.label = 1234
account.2.user_name = sip4068
However, doing the same for account.1 doesn't.
Why?
Is it a bug or a feature/restriction?
EDIT:
My phones are T31G with this firmware.
Code:
Version
Firmware Version 124.86.0.40
Hardware Version 123.1.0.32.2.0.0
Hi,
It's not a bug or limitation of the phone... setting up account 1 should just work.
I suggest to factory reset the device and try again.
RE: account.X provisioning - vieri - 02-09-2023 09:30 PM
I can't even downgrade a firmware via auto-provisioning with:
Code:
static.firmware.url = https://my.domain.org/yealink/firmware/T31G.old.rom...and I know the client phone is downloading the firmware image because I see it in my Apache log:
Code:
GET /yealink/firmware/T31G.old.rom HTTP/1.1" 200 11934400I'll try to reset to factory defaults, but this looks buggy.
Too bad the client phone can't log to a remote syslog server (in the hope of seeing why the client does not apply my provisioned data).
After resetting to factory defaults, auto-provisioning now works for account.1 too. Very odd.
However, it only works for HTTP - not for HTTPS. What should I do to provision via HTTPS? My HTTP service uses Letsencrypt signed certs. Do I need to import the Letsencrypt CA in each phone before provisioning?
I also noticed that downgrading the firmware does not work when autoprovisioning.
RE: account.X provisioning - complex1 - 02-09-2023 10:41 PM
(02-09-2023 09:30 PM)vieri Wrote: I can't even downgrade a firmware via auto-provisioning with:
Code:
static.firmware.url = https://my.domain.org/yealink/firmware/T31G.old.rom
...and I know the client phone is downloading the firmware image because I see it in my Apache log:
Code:
GET /yealink/firmware/T31G.old.rom HTTP/1.1" 200 11934400
I'll try to reset to factory defaults, but this looks buggy.
Too bad the client phone can't log to a remote syslog server (in the hope of seeing why the client does not apply my provisioned data).
After resetting to factory defaults, auto-provisioning now works for account.1 too. Very odd.
However, it only works for HTTP - not for HTTPS. What should I do to provision via HTTPS? My HTTP service uses Letsencrypt signed certs. Do I need to import the Letsencrypt CA in each phone before provisioning?
I also noticed that downgrading the firmware does not work when autoprovisioning.
Hi,
Sorry, but I can't help you with certificates. There are too many snags and eyes on this.
Maybe other forum members can help you with this.
RE: account.X provisioning - vieri - 02-10-2023 01:23 AM
Actually, the yealink clients have syslog.
Here's what happens when I use HTTPS instead of HTTP:
Code:
ATP [833.846]: ATP <6+info > Upgrade from mac.boot
ATP [833.846]: DURL<6+info > [DCMN]download to file...
ATP [833.846]: DURL<6+info > [DCMN]Use new short connect.
ATP [833.846]: DURL<6+info > [DCMN]HTTP request use auth = 0.
ATP [833.846]: DURL<6+info > [DCMN]ssl cipher:AES:!ADH:!LOW:!EXPORT:!NULL
ATP [833.846]: DURL<6+info > [DCMN]I will write to file: /tmp/xxx.cfg
ATP [833.846]: DURL<6+info > [DCMN]Request ip is 10.0.0.10:443.
ATP [833.846]: DURL<6+info > [DCMN]Connect is short Cleanup curl.
ATP [833.846]: DURL<3+error > [DCMN]download common error, errcode:60, no out.
ATP [833.846]: DURL<6+info > [DCMN]download common error, remove file.
ATP [833.846]: ATP <3+error > https to file failed, code = -160, msg = , retry = 1
ATP [833.846]: ATP <4+warnin> Download mac.boot fail
GUI [777:777]: EMSG<6+info > 217.808.053:CEtlMsgHandler::OnETLMessage beg msg[196610] size[1] depth[0]
GUI [777:777]: ZERO<6+info > 217.808.127:atp notify update 19
GUI [777:777]: EMSG<6+info > 217.808.178:CEtlMsgHandler::OnETLMessage end msg[196610] size[1] depth[0]
ATP [833.846]: ATP <6+info > Upgrade from default.boot
ATP [833.846]: DURL<6+info > [DCMN]download to file...
ATP [833.846]: DURL<6+info > [DCMN]Use new short connect.
ATP [833.846]: DURL<6+info > [DCMN]HTTP request use auth = 0.
ATP [833.846]: DURL<6+info > [DCMN]ssl cipher:AES:!ADH:!LOW:!EXPORT:!NULL
ATP [833.846]: DURL<6+info > [DCMN]I will write to file: /tmp/xxx.cfg
ATP [833.846]: DURL<6+info > [DCMN]Request ip is 10.0.0.10:443.
ATP [833.846]: DURL<6+info > [DCMN]Connect is short Cleanup curl.
ATP [833.846]: DURL<3+error > [DCMN]download common error, errcode:60, no out.
ATP [833.846]: DURL<6+info > [DCMN]download common error, remove file.
ATP [833.846]: ATP <3+error > https to file failed, code = -160, msg = , retry = 1
ATP [833.846]: ATP <4+warnin> Download default.boot fail
GUI [777:777]: EMSG<6+info > 217.839.110:CEtlMsgHandler::OnETLMessage beg msg[196610] size[1] depth[0]
GUI [777:777]: ZERO<6+info > 217.839.180:atp notify update 19
GUI [777:777]: EMSG<6+info > 217.839.230:CEtlMsgHandler::OnETLMessage end msg[196610] size[1] depth[0]
ATP [833.846]: ATP <6+info > Upgrade from com.cfg
ATP [833.846]: DURL<6+info > [DCMN]download to file...
ATP [833.846]: DURL<6+info > [DCMN]Use new short connect.
ATP [833.846]: DURL<6+info > [DCMN]HTTP request use auth = 0.
ATP [833.846]: DURL<6+info > [DCMN]ssl cipher:AES:!ADH:!LOW:!EXPORT:!NULL
ATP [833.846]: DURL<6+info > [DCMN]I will write to file: /tmp/xxx.cfg
ATP [833.846]: DURL<6+info > [DCMN]Request ip is 10.0.0.10:443.
ATP [833.846]: DURL<6+info > [DCMN]Connect is short Cleanup curl.
ATP [833.846]: DURL<3+error > [DCMN]download common error, errcode:60, no out.
ATP [833.846]: DURL<6+info > [DCMN]download common error, remove file.
ATP [833.846]: ATP <3+error > https to file failed, code = -160, msg = , retry = 1
ATP [833.846]: ATP <4+warnin> Download com.cfg fail
GUI [777:777]: EMSG<6+info > 217.868.559:CEtlMsgHandler::OnETLMessage beg msg[196610] size[1] depth[0]
GUI [777:777]: ZERO<6+info > 217.868.629:atp notify update 19
GUI [777:777]: EMSG<6+info > 217.868.680:CEtlMsgHandler::OnETLMessage end msg[196610] size[1] depth[0]
ATP [833.846]: ATP <6+info > Upgrade from mac.cfg
ATP [833.846]: DURL<6+info > [DCMN]download to file...
ATP [833.846]: DURL<6+info > [DCMN]Use new short connect.
ATP [833.846]: DURL<6+info > [DCMN]HTTP request use auth = 0.
ATP [833.846]: DURL<6+info > [DCMN]ssl cipher:AES:!ADH:!LOW:!EXPORT:!NULL
ATP [833.846]: DURL<6+info > [DCMN]I will write to file: /tmp/xxx.cfg
ATP [833.846]: DURL<6+info > [DCMN]Request ip is 10.0.0.10:443.
ATP [833.846]: DURL<6+info > [DCMN]Connect is short Cleanup curl.
ATP [833.846]: DURL<3+error > [DCMN]download common error, errcode:60, no out.
ATP [833.846]: DURL<6+info > [DCMN]download common error, remove file.
ATP [833.846]: ATP <3+error > https to file failed, code = -160, msg = , retry = 1
ATP [833.846]: ATP <4+warnin> Download mac.cfg fail
GUI [777:777]: EMSG<6+info > 217.897.953:CEtlMsgHandler::OnETLMessage beg msg[196610] size[1] depth[0]
GUI [777:777]: ZERO<6+info > 217.898.031:atp notify update 19
GUI [777:777]: EMSG<6+info > 217.898.083:CEtlMsgHandler::OnETLMessage end msg[196610] size[1] depth[0]
ATP [833.846]: ATP <5+notice> sync switch not open!
ATP [833.846]: ATP <6+info > send end provision!!
ATP [833.846]: ATP <6+info > auto provision result is 3What's wrong?
I've seen that if I disable " Only Accept Trusted Certificates" for auto_provisioning the update works fine even with an HTTPS URL.
So I need to either leave that disabled or add all of the Letsencrypt certificates.
RE: account.X provisioning - vieri - 02-10-2023 07:02 PM
I found the option to disable certificate checking for auto-provisioning.
I could add the Letsencrypt certificates, but I really think Yealink should release a firmware update with the latest certificates.
Yealink firmware ships Letsencrypt certificates among others, but they are expired. Same think will happen soon for other CAs.