I have a question regarding the encrypted configuration in conjunction with a secure sip profile. As soon as I tick the box for the encrypted TFTP file in the sip profile I get the following error "Failed: SSL connection rejected" in the GUI and in the logs:
status=failed reason=Invalid device configuration: Encrypted configuration required, but no valid certificate is available
I successfully tested it after generating a LSC certificate for the phone.
My question is, why it doesn't work out of the box with the MIC. (If it is installed on that product).
There are several mentions about the use of MIC and I wanted to know, why it didn't work with the SX 10. Here are some excerpts:
Note: When you use this method for the first time, the phone compares the MD5 hash of the phone certificate in the configuration file to the MD5 hash of the Locally Significant Certificate (LSC) or the Manufacturing Installed Certificates (MIC).
After the CAPF communication is established, the phone sends information to the CAPF about the LSC or MIC that is used. The CAPF then extracts the phone public key from the LSC or MIC, generates a MD5 hash, and stores the values for the public key and certificate hash in the CUCM database.