SPA303 Provisioning over SSL with Client Verification problem
We use DHCP (66) HTTPS URL for provisioning and initial configuration of SPA303 phones.
When Client Verification is enabled - the phones fail to authenticate to the web server and provisioning fails. It works perfectly when Client Verification is disabled. Debug logs and ssl traffic sniffing revealed only that the phones fail to authenticate properly with the built-in certificates to the server.
The server certificate passes validation (Cisco issued), however, since no full CA chain is availible from Cisco - we can't be completely sure it's valid. Server side is Apache, the SSL conf is as follows:
Small business owners are willing to try new ways to protect and grow their businesses by innovating, taking risks and pushing boundaries - and technology is a valuable tool to help drive that success.
Learn how Cisco helps small businesses think big and...
This document is attempt to recreate content of original document created by famous @Patrick Born. Cisco has considered to destroy such valuable document for an unknown reason.Cisco SPA series phones and ATAs can use certificate-authenticated HTTPS (SSL) ...
Stay up to date with monthly on-line briefings. Join Customer Connection to register for briefings presented by Cisco product managers who share technical deep-dive product presentations with interactive Q&A.
Catch up on previous new small business p...
Your small business needs secure, intelligent, simple to manage solutions to keep your business humming. Cisco Designed for Business solutions enable your company to connect, compute and collaborate securely.
Why Cisco for sm...
Learn how a two-man IT team manages all audio, video, voice and networking for Goodwill Industries stores in South Florida. Meraki enables them to consolidate, visualize and monitor their wireless network.