[YMCS/YDMP Free Trial Program]Yealink would like to offer Free Trial Program of Yealink device management service for our current eligible customers. You can see the details below.
https://www.yealink.com/ydmp-freetrial-2020


Post Reply 
 
Thread Rating:
  • 0 Votes - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
T4XG series not able to autoprovision over https with FreePBX 14
Author Message
JaredBusch Offline
Junior Member
**

Posts: 11
Joined: Apr 2014
Reputation: 0
Post: #1
T4XG series not able to autoprovision over https with FreePBX 14
You can see this thread on the FreePBX forums for all the details.
https://community.freepbx.org/t/yealink-...x-14/44617

But to summarize: The Yealink T42G and T46G will not correctly communicate to over https FreePBX 14 with a Let's Encrypt Cert.

Neither for autoprovisioning https://pbx.domain.com:1443, nor to pull a remote phone book https://pbx.domain.com/contacts.xml

If I change it to http for those, it works perfectly.

If I connect to a FreePBX 13 instance it works perfectly with https or http.
10-06-2017 05:37 PM
Find all posts by this user    like0    dislike0 Quote this message in a reply
Michael_Yealink Offline
Administrator
*******

Posts: 46
Joined: Oct 2012
Reputation: 0
Post: #2
RE: T4XG series not able to autoprovision over https with FreePBX 14
Hi There

Thanks for your information , and i belive that it is the certificate not correct which may case this issue , you can confirm with elow setps :

1. Disable the "Only accepte trusted certificate" in web site.

2. Auto proviison with https again , it should work.

So my adivse is to use th bulit in certificate for https server , you can find all certficate infrmaiton from below link :

http://support.yealink.com/faq/faqInfo?id=691

BR
Michael
10-12-2017 02:33 PM
Find all posts by this user    like0    dislike0 Quote this message in a reply
JaredBusch Offline
Junior Member
**

Posts: 11
Joined: Apr 2014
Reputation: 0
Post: #3
RE: T4XG series not able to autoprovision over https with FreePBX 14
(10-12-2017 02:33 PM)zouym Wrote:  Hi There

Thanks for your information , and i belive that it is the certificate not correct which may case this issue , you can confirm with elow setps :

1. Disable the "Only accepte trusted certificate" in web site.

2. Auto proviison with https again , it should work.

So my adivse is to use th bulit in certificate for https server , you can find all certficate infrmaiton from below link :

http://support.yealink.com/faq/faqInfo?id=691

BR
Michael

That is not the problem.
1. I have tested with that setting turned off.
2. I have test by loading hte LE cert from FreePBX into the Trusted Certificates.
3. The Firmware of the T42G and T46G I am testing with is 29.82.0.20 and 28.82.0.20 and these models are supposed to support LE with this firmware.

Inside FreePBX I receive a standard http error code of 408.

From the phone I see this.

Phone talking to FreePBX 13:
Code:
<134>Oct  8 03:48:37 ATP [1022]: ATP <6+info  > Upgrade from com.cfg
<134>Oct  8 03:48:37 LIBD[1022]: DCMN<6+info  > Connecting pbx.domain.com:1443
<134>Oct  8 03:48:37 LIBD[1022]: DCMN<6+info  > Connecting IP = 45.XXX.XXX.XXX, Port = 1443
<134>Oct  8 03:48:37 LIBD[1022]: DCMN<6+info  > ssl cipher num is 18
<134>Oct  8 03:48:37 LIBD[1022]: DCMN<6+info  > SSL_connect (read done)
<134>Oct  8 03:48:38 LIBD[1022]: DCMN<6+info  > SSL_connect (read done)
<134>Oct  8 03:48:38 LIBD[1022]: HTTP<6+info  > Request Line: GET /y000000000029.cfg HTTP/1.1
<134>Oct  8 03:48:38 LIBD[1022]: HTTP<6+info  > Host: pbx.domain.com:1443
<134>Oct  8 03:48:38 LIBD[1022]: HTTP<6+info  > User-Agent: Yealink SIP-T42G 29.82.0.20 00:15:65:65:xx:xx
<134>Oct  8 03:48:38 LIBD[1022]: HTTP<6+info  > process response
<133>Oct  8 03:48:38 LIBD[1022]: HTTP<5+notice> response code: 200
<134>Oct  8 03:48:38 LIBD[1022]: HTTP<6+info  > Content-Length: 12129
<134>Oct  8 03:48:38 LIBD[1022]: HTTP<6+info  > connection: close
<133>Oct  8 03:48:38 LIBD[1022]: HTTP<5+notice> response process finish!
<133>Oct  8 03:48:38 LIBD[1022]: HTTP<5+notice> recv : 12129 bytes
<134>Oct  8 03:48:38 ATP [1022]: ATP <6+info  > need_cmp_md5=1
<134>Oct  8 03:48:38 ATP [1022]: ATP <6+info  > cfg md5 same!
<132>Oct  8 03:48:38 ATP [1022]: ATP <4+warnin> error: phone_setting.inactive_backlight_level
<134>Oct  8 03:48:38 ATP [1022]: ATP <6+info  > skip item<phone_setting.inactive_backlight_level>
<134>Oct  8 03:48:38 ATP [1022]: ATP <6+info  > parse item finish

Phone Talking to FreePBX 14:
Code:
<134>Oct  8 03:33:08 ATP [780]: ATP <6+info  > Upgrade from mac.boot
<134>Oct  8 03:33:08 LIBD[780]: DCMN<6+info  > Connecting pbx.domain.com:1443
<134>Oct  8 03:33:08 LIBD[780]: DCMN<6+info  > Connecting IP = 107.XXX.XXX.XXX, Port = 1443
<134>Oct  8 03:33:08 LIBD[780]: DCMN<6+info  > SSL_connect (read done)
<134>Oct  8 03:33:08 Log [900]: WEB <6+info  > URI: /servlet?p=settings-autop&q=result&Rajax=0.09716529952707398
<134>Oct  8 03:33:08 Log [900]: ETLL<6+info  > mkit_call failed! src[0x000c72a8] name[__h900] tar[0xc4098f94] name[autoServer] msg[0x00030206] ret[-1] size[0]
<134>Oct  8 03:33:08 Log [900]: WEB <6+info  > Partition free(byte): /tmp/ [104325120], /config/ [90112], /data/ [90112]
<134>Oct  8 03:33:13 Log [900]: ETLL<6+info  > mkit_call failed! src[0x000c72a8] name[__h900] tar[0xc4098f94] name[autoServer] msg[0x00030206] ret[-1] size[0]
<134>Oct  8 03:33:13 Log [900]: WEB <6+info  > URI: /servlet?p=settings-autop&q=result&Rajax=0.8728236330210573
<134>Oct  8 03:33:13 Log [900]: WEB <6+info  > Partition free(byte): /tmp/ [104321024], /config/ [90112], /data/ [90112]
<134>Oct  8 03:33:18 Log [900]: WEB <6+info  > URI: /servlet?p=settings-autop&q=result&Rajax=0.649367081619797
<134>Oct  8 03:33:18 Log [900]: WEB <6+info  > Partition free(byte): /tmp/ [104316928], /config/ [90112], /data/ [90112]
<134>Oct  8 03:33:18 Log [900]: ETLL<6+info  > mkit_call failed! src[0x000c72a8] name[__h900] tar[0xc4098f94] name[autoServer] msg[0x00030206] ret[-1] size[0]
<134>Oct  8 03:33:23 Log [900]: WEB <6+info  > URI: /servlet?p=settings-autop&q=result&Rajax=0.6691534391904461
<134>Oct  8 03:33:23 Log [900]: ETLL<6+info  > mkit_call failed! src[0x000c72a8] name[__h900] tar[0xc4098f94] name[autoServer] msg[0x00030206] ret[-1] size[0]
<134>Oct  8 03:33:23 Log [900]: WEB <6+info  > Partition free(byte): /tmp/ [104316928], /config/ [90112], /data/ [90112]
<134>Oct  8 03:33:28 Log [900]: WEB <6+info  > URI: /servlet?p=settings-autop&q=result&Rajax=0.14837767361288257
<134>Oct  8 03:33:28 Log [900]: ETLL<6+info  > mkit_call failed! src[0x000c72a8] name[__h900] tar[0xc4098f94] name[autoServer] msg[0x00030206] ret[-1] size[0]
<134>Oct  8 03:33:28 Log [900]: WEB <6+info  > Partition free(byte): /tmp/ [104312832], /config/ [90112], /data/ [90112]
<134>Oct  8 03:33:33 Log [900]: WEB <6+info  > URI: /servlet?p=settings-autop&q=result&Rajax=0.9179317121887864
<134>Oct  8 03:33:33 Log [900]: WEB <6+info  > Partition free(byte): /tmp/ [104288256], /config/ [90112], /data/ [90112]
<134>Oct  8 03:33:33 Log [900]: ETLL<6+info  > mkit_call failed! src[0x000c72a8] name[__h900] tar[0xc4098f94] name[autoServer] msg[0x00030206] ret[-1] size[0]
<134>Oct  8 03:33:37 LIBD[780]: DCMN<6+info  > SSL_connect write/read error
<131>Oct  8 03:33:37 LIBD[780]: HTTP<3+error > Connect Error
<131>Oct  8 03:33:37 ATP [780]: ATP <3+error > https to file failed, code = -3, msg = Connect Failed, retry = 1
<134>Oct  8 03:33:37 ATP [780]: ATP <6+info  > Wait 0 second to next file transfer!

Notice that the initial connection never completes when talking to FreePBX 14. The phone never gets a cipher like it did with FreePBX 13. This line:
Code:
<134>Oct  8 03:48:37 LIBD[1022]: DCMN<6+info  > ssl cipher num is 18
(This post was last modified: 10-17-2017 04:51 AM by JaredBusch.)
10-17-2017 04:49 AM
Find all posts by this user    like0    dislike0 Quote this message in a reply
JaredBusch Offline
Junior Member
**

Posts: 11
Joined: Apr 2014
Reputation: 0
Post: #4
RE: T4XG series not able to autoprovision over https with FreePBX 14
Still unable to resolve this. I have now also tested the same FreePBX install with a GoDaddy SSL cert. That one works fine.

It is only the Let's Encrypt cert that has a problem.

How can I resolve this?

LE cert on FreePBX 13 works. LE cert on FreePBX 14 does not. I have reviewed the code and there are no differences in FreePBX between 13 and 14 in regards to the SSL certificates.

I can access the config files in every browser with no error. It is only the T4XG models (and I assume P but I do not have one to test). The T4XS models work with the LE cert on FreePBX 14.
11-02-2017 11:47 PM
Find all posts by this user    like0    dislike0 Quote this message in a reply
Michael_Yealink Offline
Administrator
*******

Posts: 46
Joined: Oct 2012
Reputation: 0
Post: #5
RE: T4XG series not able to autoprovision over https with FreePBX 14
Hi There,

Sorry for the inconvenience ,so in order to speed up this issue , would you please kindly provide the pcap file , bin file and level 6 log file to me so that we can submit to R&D for analysis.

Please provide LE cert for us

Please kindly provide auto provision with FreePBX V13 LE cert OK trace files (pcap file , bin file and level 6 log file)

Please kindly provide auto provision with FreePBX V14 LE cert OK trace files (pcap file , bin file and level 6 log file)

As the phone will reboot , then it is advised to use a wireshark tool to get the pcap file , for how to download the tool and use it , please refer to the link below :
http://forum.yealink.com/forum/showthread.php?tid=15529

For the syslog, please export it to server side , before phone reboot , you can refer to the guide download from below link :
http://forum.yealink.com/forum/showthread.php?tid=15529

For the config.bin file , please refer to the FAQ below :
http://support.yealink.com/faq/faqInfo?id=311

After you collect all the three files, just upload them to below link:
http://ftp.yealink.com/?ShareToken=451B5...7F0C14B169

Let me know if any question

TKS & BR

Michael
Yealink Wiki : http://support.yealink.com/
11-23-2017 09:52 AM
Find all posts by this user    like0    dislike0 Quote this message in a reply
JaredBusch Offline
Junior Member
**

Posts: 11
Joined: Apr 2014
Reputation: 0
Post: #6
RE: T4XG series not able to autoprovision over https with FreePBX 14
Just as an update, and I recently had someone with a new FreePBX 14 install using a T19PE2 also have problem with TLS.

I know support asked for all of the above information, but I have limited free time to perform actions like this. So far, I have worked around the issue by not using the LE cert.

This is an easily reproducible issue, that support could test themselves.
02-27-2018 11:20 PM
Find all posts by this user    like0    dislike0 Quote this message in a reply
Post Reply 


Possibly Related Threads...
Thread: Author Replies: Views: Last Post
  Connect Yealink T46U to FreePBX system via Synology Site to Site VPN TF2023 0 756 10-10-2023 11:48 PM
Last Post: TF2023
  T4xs series opus codec volga629 0 967 03-20-2023 09:47 PM
Last Post: volga629
  Backlight comes on after autoprovision jonathanattwood 0 2,441 12-21-2021 10:30 PM
Last Post: jonathanattwood
  T4xU series no support information or files Chris708 5 10,919 01-07-2021 10:29 PM
Last Post: rfmjohn
Question Autoprovision - LED Light Flashing [Resolved] voipsupport 1 6,133 05-01-2020 06:47 PM
Last Post: voipsupport
  T4xG no OpenVPN IP when using TAP Output101 2 7,826 04-11-2020 08:16 PM
Last Post: gordon0193
  T48S Autoprovision admin password srcurtis 3 19,693 06-12-2018 01:58 PM
Last Post: complex1
  T4xG series having time issues KNERD 4 11,131 04-20-2018 08:51 PM
Last Post: KNERD
  T4X S series - Skype for Business Administrator & User guides Shamintha 1 5,297 11-23-2017 02:18 AM
Last Post: anonymous1711612242218
  T4X Series - PC Audio Only dkulesza 1 5,149 11-16-2017 08:38 AM
Last Post: Lucia_Yealink

Forum Jump:


User(s) browsing this thread: 1 Guest(s)

Contact Us   Yealink   Return to Top   Return to Content   Lite (Archive) Mode   RSS Syndication