Yes, that is exactly what I'm trying to do.

Just want to get rid of the "Website not trusted" remark without installing a self-signed certificate. We got our own CA (Microsoft based) and I want to upload a proper certificate signed by us for the https configuration site of the base station.

Hi,

What firmware are you using? 

What you're tying to achieve is possible. The cert needs to be DER encoded binary X.509. 

Please try it and let me know if it works. 

Thanks 

Geovani 

Hi,

sorry for the late reply (been on vacation). Firmware version is IPDECT-V2/04.50/B0008/12-Feb-2019 16:46.

I nearly tried every possible format and combination. I'm still not sure what is meant by "Import Device Certificate and Key Pair". How should I export a certificate including BOTH keys in one file? That's nonsense - especially as X.509...

So I assume I am to export certificate and keys in different files but then I need to know which file in which format. Certificate in DER X.509 and what about the keys??? (Btw. I tried some combinations but still no luck...)

Hi, 

4.50 is a very old fw. Can you please download the latest on CCO. 4.80 b12 and try again? 

Thanks 

Geovani

Just upgraded to the newest version available. But now I ran into a new problem. After rebooting I was forced to register a new account ("user") and using this for logging in worked just fine. But therefor my admin account doesn't work anymore. Every thinkable standard combination isn't working and as "user" I have very limited possibilities, narrowing down to Home, User and Logout

I assume I can't edit nor see the rest as "user" but what happened to my admin password? I don't want to reset the whole station - there has to be another solution!

Hi 

Did you change the admin password from Default? 

If the admin password was not changed, it should still work. 

The only way i think for recovering is to reset the base to factory default.

Of course I did change the default admin password, but it's not working anymore.

I'm not sure but when configuring the station for the first time there was no default password (can't find any hint in the manuals either). I tried "admin", "administrator", "cisco" but nothing works so far.

Hi 

Are you using a provisioning server?

You can try and provision the admin password again using a provisioning server. Use <Admin_Password>**********</Admin_Password>

Hi there, 

Although DECT isn't supported, in this case CUCM is your provisioning server.

I'm not sure its the case here, but the reason why I asked about the provisioning server, is that sometimes it pushes admin credentials to the base. 

If you're still locked out of the base station, I think the best thing to do at this point is to factory reset it. 

Hi Geovani,

I'm back in business. Thanks to TAC I was now able to regain administration rights. First thing I upgraded the station to the latest firmware (0501/0107). After reconfiguring everything, I tried to upload a self signed certificate. Since the upgrade some things look different. On the security page I see three types of certificates
- Device Identity (that's the one I'd like to replace)
- Trusted Server Certificates (these seem to be intermediates)
- Trusted Root Certificates (here I successfully uploaded our own root CA)

But now I don't know how to proceed? Where can I upload the new SSL certificate?

Thanks for clarifying.
I don't know why cisco removes useful features. So I do have to fall back to html or distribute the self-signed certificate. Both are not state of the art and indisputible not what's my opinion of security. Anyway I seem to get used to it just as I have to get used to disappointments using cisco stuff...