Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: 8bit Organization: SipXecs Forum X-FUDforum: 08063afcdd00a6e76393c5b9527381e8 <63929> Message-ID: <[email protected]>
Hello! Another thread about TLS and Polycom-phones, sorry. My Polycom 430 phones won't initiate a TLS session with the SipXecs-server, they just use UDP. However, all SIP-traffic that the server forwards to the destination phone is sent over TLS. Also, the BYE-message is sent in cleartext-UDP, whoever send it. It seems like the phones accept a TLS-session when someone else is proposing it, but they can't propose it themselves? I followed the guide on the wiki, and tried the hints in the "TLS for Polycom"-thread. http://forum.sipfoundry.org/index.php?t=msg&th=16179&start=0&S=618e01e6f47bbc2a22be2811ee9a15cb The certificate (.crt) is downloaded to the phone with the built in UI, and the certlist is changed to "Custom" (tried the "All"-list too). I see the fingerprint and accept the certificate, and it says that the certificate has been installed. The strange thing here is when I check the status of the certificate, it says "Device certificate not installed". It seems like the phone can't use the certificate? As mentioned, I also tried to change the MAC.cfg-file with the lines mentioned in the thread above, both with the name of the cert specified and with the complete certified pasted in, without any success. I wonder if the error may be in my certificate-generation, but I don't know. Or maybe if it is the phones? They just won't take the initiative start a TLS-session. When I try "Polycom-Lines->Registration->Primary->registration server->transport=TLS" and "port=5061", the phones fail to register. It seems to be more people with similiar problems. Are there any news regarding the subject? //SebbJ _______________________________________________ sipx-users mailing list [email protected] List Archive: http://list.sipfoundry.org/archive/sipx-users/
