6.6 Install TLS root certificate on Certified SIP phones
If your TLS certificate is not supported by Yealink, you need to install the corresponding root certificate on each SIP phone, see
|
The exact parameters you need to use for provisioning your own root certificate can be found in the common.cfg file in the provisioning template for your Yealink phone type.
|
or
You can upload the root certificate manually on the Yealink web interface.
|
If the provisioning of phones cannot be performed via multicast due to the network infrastructure, you can also distribute the provisioning URL (e.g. https://172.20.1.1:9200/ippbx/client/v1.0/device/provision/) via DHCP option 66.
In this case, your DHCP server must support HTTPS protocol.
|
To install the root certificate during a new provisioning
You have installed your own TLS server certificate or a TLS server certificate from Let's Encrypt via SCST.
1 Distribute the root certificate in the provisioning network or upload the root certificate on each corresponding SIP phone.
|
If you use your own certificate, make sure that you upload a valid trusted root certificate.
|
2 Connect the corresponding SIP phones to the productive network.
The SIP phones are being provisioned.
To install the root certificate on already provisioned devices
|
If you use your own certificate, make sure that you upload a valid trusted root certificate.
|
2 Connect the corresponding SIP phones to the productive network.
3 Update SwyxWare .
The SIP phones will be provisioned again.