06-13-2021 10:24 AM
Hello ,
i have upgraded the migrated the firmware of Cisco 8845 IP phone from enterprise firmware to MPP firmware. Firmware migration went well and all seems good.. but when i tried to register the IP phone over SIP TLS to Asterisk PBX , it is always returning an error "UNKNOWN CA (48)" . i tried many methods to solve the issue , but nothing is successful . Attaching the Wireshark trace downloaded from the IP phone with this post. Any help to solve this issue would be highly appreciated.
Thanks
Abdul Rasheed
06-13-2021 02:47 PM
There are only way to solve "UNKNOWN CA" TLS error. The issuer of the server's certificate must be known to phone.
Based on the dump, server is using certificate /CN=pbx.zaincallstelephony.com issued by /CN=Asterisk Private CA
And /CN=Asterisk Private CA is the certificate that you need to configured as custom CA to phone.
06-13-2021 10:47 PM
Hello Dan ,
Thanks a lot for your reply. I could find that there is an option in Cisco MPP phone's web portal to configure Custom CA Rule under
Voice -> provisioning menu. Is it expecting an http link to a client certificate from /CN=Asterisk Private CA and the certificate to be hosted under this link ?
Thanks and regards
Abdul Rasheed
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide