12-14-2013 01:55 AM - edited 03-21-2019 07:58 AM
Greetings,
We are an ITSP who offers customers free or reduced cost phones with contract. We move about 4000 phones/year and we are on target to move approximately 6000 phones during 2014.
The phones must be securely locked to protect against tampering and theft. Honestly we find Cisco's support to be so poor we have opted for better quality products such as Grandstream and Polycom that include this service and support out of the box.
Since we need a Cisco signed certificiate to accomplish secure provisioning we decided to RTFM. This manual says to send our CSR to certadmin@cisco.com but the bounce back message has determined this to be a lie.
Do not be concerned. We are not heartbroken over your rejection. In fact it was refreshing to know Cisco's poor product quality and abysmal documentation is worth exactly what you pay your investors: $0.06 every quarter. In fact we are still trying to understand how you managed to sell Linksys to Belkin. In any case if you would like some help propping up your stock price then we are interested in offering your SPA series phones to our customers. Of course judging by the poor quality of the support so far.. we doubt that is going to happen.
Please feel free to surprise us. We would like a valid, working Cisco email address or phone number that routes to a live, breathing human being who can get us the certificate we require. Please keep in mind we are here to sell your products. We are not interested in paying Cisco for a "service contract", spending days in your massive IVR system or trudge through the depths of h*ll so we may kneel and worship before the all-mighty Cisco. We understand, for the moment, you are a large, multi-national corporation who couldn't care less about our company. Of course all giants fall when they stop caring about their customers. Just ask RIM how that worked out for them.
Thank you and have a good day.
Solved! Go to Solution.
05-17-2019 10:08 AM
SPA refuses to fetch config from our https provisioning server
You need no Cisco certificate, but you still need certificate issued by authority you trust. You provisioning server have a certificate already - and I assume it has been issued by authority you considered trusted. Just import certificate of such CA into phone (CA Settings -> Custom CA RULE), it become trusted and SPA will refuse to connect to provisioning server no more. Import of certificate is one-time step - it need not to be repeated until reset to factory default.
official signed cert
Root authority is either trusted or not. It's matter of SSL peer authentication. No one but you can claim authority trusted - it's the purpose of Custom CA Rule. I'm unsure what you mean claiming certificate "official". But we not to care. Feel free to use such certificate whatever "official" mean - just claim issuing authority trusted.
Does this help you a lot ?
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide