Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
674
Views
0
Helpful
0
Replies

Encryption of configuration files for spa5xx

dieswaytoofast
Level 1
Level 1

‎01-05-2011 05:17 AM - last edited on ‎03-25-2019 10:55 PM by Community Manager

XML configuration files encrypted with openssl can be decrypted by the phone using the profile rule [--key “TheSuperSecretPhrase”] http://......

The issue is that if a user accesses the web-portal for the phone, he/she can glean TheSuperSecretPhrase through simple inspection.

Why not add an Encryption Key field under the Provisioning tab, which can be used as the Key (perhaps as $EK?).  You could have it as a text field of type "password", i.e., not displayable?

I know, you could use the GPP_S[ABCD] parameters for the same purpose, but the above suggestion has the added advantage of being an end-user editable field (much, *much* easier to do phone resets in the field!)

Mahesh Paolini-Subramanya | CTO | mahesh@aptela.com | 703.386.1500 Ext. 9100

2250 Corporate Park Drive | Suite 150 | Herndon, VA | www.aptela.com

Check out our Blog | Follow us on Twitter | Refer a Friend

Labels:
0 Helpful
0 Replies 0
Customers Also Viewed These Support Documents