Filter
Top Products
Configuration Methods
41-001343-02 REV04 – 05.2014 2-7
HTTP/HTTPS Support
The Aastra Web UI supports both Hypertext Transfer Protocol (HTTP) and Hypertext Transfer Protocol over Secure Socket
Layer (HTTPS) client and server protocols.
HTTP is the set of rules for transferring files (text, graphic images, sound, video, and other multimedia files) over the Inter-
net. When you open your Web browser, you are indirectly making use of HTTP. HTTP is an application protocol that runs on
top of the TCP/IP suite of protocols (the foundation protocols for the Internet).
HTTPS is a Web protocol that encrypts and decrypts user page requests as well as the pages that are returned by the Web
server. HTTPS uses Secure Socket Layer (SSL) or Transport Layer Security (TLS) as a sublayer under its regular HTTP applica-
tion layering. SSL is a commonly-used protocol for managing the security of a message transmission on the Internet. It
uses a 40-bit key size for the RC4 stream encryption algorithm, which is considered an adequate degree of encryption for
commercial exchange. TLS is a protocol that ensures privacy between communicating applications and their users on the
Internet. When a server and client communicate, TLS ensures that no third party may eavesdrop or tamper with any mes-
sage. TLS is the successor to SSL.
HTTP/HTTPS Client and Server Support
The Aastra IP phones allow for HTTP request processing and associated data transfers to perform over a secure connection
(HTTPS). The IP phones support the following:
• Transfer of firmware images, configuration files, script files, and web page content over a secure connection.
• Web browser phone configuration over a secure connection
• TLS 1.0or SSL 3.0 methods for both client and server
HTTPS Client
When an HTTPS client opens and closes its TCP socket, the SSL software respectively handshakes upon opening and dis-
connects upon closing from the HTTPS server. The main HTTPS client functions are:
• Downloading of configuration files and firmware images
• Downloading of script files based on an “HTTPS://” URL supplied by a softkey definition
HTTPS Server
The HTTPS server provides HTTP functionality over secure connections. It coexists with the HTTP server but has its own set
of tasks. The main HTTPS server functions are:
• Delivery of web page content to a browser client over a secure connection
• Execution of HTTP GET and POST requests received over a secure connection
Non-Blocking HTTP Connections
The IP Phones support a non-blocking HTTP connection feature. This feature allows the user to continue using the phone
when there is a delay during an HTTP connection while the phone is waiting for the HTTP server to respond. This feature
also allows a user to abort the connection and perform other operations on the phone (which will abort the HTTP connec-
tion automatically). A user can also abort the HTTP loading by pressing the GOODBYE key while the phone is displaying
“Loading Page.......”.
Note:
HTTPS uses port 443 instead of HTTP port 80 in its interactions with the TCP/IP lower layer. Both the HTTP and HTTPS
port numbers are configurable using the configuration files, the IP Phone UI, the Aastra Web UI and DHCP Option 66.
For more information about configuring these ports, see Chapter 4, the section, “Configuring the Configuration Server
Protocol” on page4-87.
Note:
This feature impacts only the HTTP calls triggered by a phone key (softkey or programmable key); the HTTP calls per-
formed by action URIs are still blocking.