Support User Manuals

Aastra Telecom 41-001343-02 IP Phone User Manual

Open as PDF

of 876

Operational, Basic, and Advanced Parameters

41-001343-02 REV04 – 05.2014 A-90

Parameter –

sips root and intermediate

certificates

Configuration Files

aastra.cfg, <model>.cfg, <mac>.cfg

Description Allows you to specify the SIP Root and Intermediate Certificate files to use when the phone

uses the TLS transport protocol to setup a call.

The Root and Intermediate Certificate files contain one root certificate and zero or more

intermediate certificates which must be placed in order of certificate signing with root cer-

tificate being the first in the file. If the local certificate is signed by some well known certif-

icate authority, then that authority provides the user with the Root and Intermediate Cer-

tificate files (most likely just CA root certificate).

This parameter is required when configuring TLS (optional for Persistent TLS.)

You can use this parameter in three ways:

• To download no certificates

• To download a certificate from the original configuration server

• To download a certificate from another specified server

To download a specific file, the string value MUST HAVE A FILENAME at the end of the

string. For example:

sips root and intermediate certificates: ftp://admin:admin!@1.2.3.4:50/path/phonesRoot-

Cert.pem

where “path” is the directory and “phonesRootCert.pem” is the filename. If you do not

specify a filename, the download fails.

See examples for each below.

Note:

The certificate files must use the format “.pem”. To create custom certificate files to use on

your IP phone, contact Aastra Technical Support.

Format <filename>.pem

Default Value Not Applicable

Range Not Applicable

Example The following example downloads no root and intermediate certificate file:

sips root and intermediate certificates:

The following example downloads the root and intermediate certificate file from the orig-

inal configuration server.

sips root and intermediate certificates: phonesRootCert.pem

The following example uses FTP to download the firmware file “phonesRootCert.pem”

(root and intermediate certificate file) from the “path” directory on server 1.2.3.4 using

port 50.

sips root and intermediate certificates: ftp://admin:admin!@1.2.3.4:50/path/phonesRoot-

Cert.pem

previous next