[YMCS/YDMP Free Trial Program]Yealink would like to offer Free Trial Program of Yealink device management service for our current eligible customers. You can see the details below.

Post Reply 
Thread Rating:
  • 0 Votes - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Autoprovision - config file encryption problem
Author Message
Rus Offline
Junior Member

Posts: 11
Joined: Mar 2018
Reputation: 0
Post: #8
RE: Autoprovision - config file encryption problem
(03-28-2018 10:07 AM)Rus Wrote:  
(12-24-2013 11:27 AM)Yealink Support Wrote:  Hi oea,
Please test below steps and kindly feed back to me.
Don't forget to enable "auto_provision.aes_key_in_file =1" in the CFG file before upload encryption files.
1. Add/Edit the following parameters in configuration files(not encryption). Then do auto provisioning to all phones.
auto_provision.aes_key_in_file =1
auto_provision.update_file_mode =1
2. The administrator encrypts y000000000007.cfg and MAC.cfg files and put them to the root
directory of the provisioning server.
3. Reboot the IP phone to trigger auto provisioning process. For more information, refer to Yealink IP Phones Auto Provisioning Guide.

Can I please be 100% clear since I cannot find the exact answer anywhere on the forums...

I have a boot file which calls 2 cfg files.

Do I place the auto_provision.aes_key_in_file =1 line in the .boot file or in the cfg files?
If I place the line into the cfg files, do I need to get the phone to load these in unencrypted fashion or should I encrypt the modified files and then get the phone to reload them?

For anyone who might be interested... I have now resolved this.
I created a file called enc.cfg and amended the url on Yealink RPS Provisioining Server to point to <myprovisioningserver>/enc.cfg

static.auto_provision.reboot_force.enable =1

This tells the phone to use encrypted mode and to auto-reboot.

We know that the phones, when they reboot, will look for either a <modelref>.cfg file or <mac>.boot file to boot from.

Since the boot file cannot be encrypted but contains no sensitive information, I get the phone to boot from my <mac>.boot file.

This looks like this:
include:config "<mac>.cfg"
include:config "T23.cfg"
overwrite_mode = 1

static.auto_provision.reboot_force.enable =0

The <mac>.cfg file contains device specific configuration.
The T23.cfg file contains the account setup which is common to all T23 phones.Both of these cfg files are encrypted using the Yealink Auto Encryption tool.

The static.auto..... line tells the phone to stop auto-booting as the configuration is complete.

The encrypted files including their _Security.enc counterparts along with the Aeskey text file, are copied to my provisioning server.

When the phone is factory reset (press and hold the OK button) it first looks at the Yealink RPS service, then looks up the provisioning URL I saved there, and loads the enc.cfg file.

It cycles through loading and rebooting (for around 3 minutes) and then comes to rest with all the config loaded.

Hope this helps someone.
(This post was last modified: 04-11-2018 11:04 AM by Rus.)
04-11-2018 11:03 AM
Find all posts by this user    like1    dislike0 Quote this message in a reply
Post Reply 

Messages In This Thread
RE: Autoprovision - config file encryption problem - Rus - 04-11-2018 11:03 AM

Possibly Related Threads...
Thread: Author Replies: Views: Last Post
  How to disable Voicemail from .cfg in auto provisioning file? boniakowski 2 1,522 09-19-2023 12:03 AM
Last Post: boniakowski
  Encryption utility for MP56 phones rtrefz 0 1,351 01-23-2023 10:15 PM
Last Post: rtrefz
  W73P Custom Handset Config to Disable Noise Cancellation vikramgupte 2 3,128 10-25-2022 07:37 AM
Last Post: vikramgupte
  Hard reset a T20P and erase config Kevinlloyd 32 132,000 12-02-2021 05:54 AM
Last Post: callisap
  Daily config check oliv 2 6,065 07-07-2021 01:08 AM
Last Post: oliv
  Problem with change ringtone. Andrei9385 1 6,473 03-22-2021 10:32 PM
Last Post: complex1
  Some problem Andrei9385 2 6,919 03-22-2021 07:43 PM
Last Post: Andrei9385
  settings are not updating from autoprovision server AdmshipYard 1 5,987 02-20-2021 04:20 PM
Last Post: AdmshipYard
  PROBLEM WITH W80B AND W80DM certificate server acces TWT_Support 1 6,314 02-18-2021 06:55 AM
Last Post: bitblock
  [OT] Apache 2.4 config allowing PUT oliv 0 3,947 10-28-2020 03:23 PM
Last Post: oliv

Forum Jump:

User(s) browsing this thread: 1 Guest(s)

Contact Us   Yealink   Return to Top   Return to Content   Lite (Archive) Mode   RSS Syndication