Plantronics + Polycom. Now together as Poly Logo

HTTPS / FTPS provisioning - File transfer failed due to curl error code:22 and respCode:401

Highlighted
Advisor

HTTPS / FTPS provisioning - File transfer failed due to curl error code:22 and respCode:401

Good morning team.

Environment: Lync 2013 on premise

Phone Model VVX 411
UC Software Version 5.6.0.17325
Updater Version 5.8.0.19248

 

I am trying to setup provisioning via HTTPS - IIS or via FTPS - FileZilla.

We use self signed certificates and I loaded the CA onto the phone withyout any issues.

Neiter of the 2 provisioning methodes work. 

I am using DHCP option 60 and tried the option with and without username. 

We are using the default username PlcmSpIp directory permissions in IIS and also for FTPS have been set correct.

Provisioning work OK using just FTP but not FTPS or HTTPS.

The time on the phone is correct as well.

 

The log files indicate that the certificates are fine?

0716095200|curl |3|00|SSLv2, Unknown (23):
0716095200|curl |0|00|SSL DATA_IN: Data of len 5 not displayed
0716095200|curl |1|00|HEADER_IN : HTTP/1.1 401 Unauthorized
0716095200|curl |1|00|HEADER_IN : Content-Type: text/html
0716095200|curl |1|00|HEADER_IN : Server: Microsoft-IIS/8.5
0716095200|curl |1|00|HEADER_IN : WWW-Authenticate: Basic realm="xxx.xxx.local"
0716095200|curl |1|00|HEADER_IN : Date: Mon, 16 Jul 2018 13:52:01 GMT
0716095200|curl |1|00|HEADER_IN : Content-Length: 1293
0716095200|curl |1|00|HEADER_IN :
0716095200|curl |3|00|Ignoring the response-body
0716095200|curl |0|00|DATA_IN : Data of len 1293 not displayed
0716095200|curl |3|00|Connection #0 to host xxx.xxx.local left intact
0716095200|curl |3|00|Issue another request to this URL: '** not displayed **'
0716095200|curl |3|00|Re-using existing connection (#0) with host xxx.xxx.local
0716095200|curl |3|00|Connected to xxx.xxx.local (192.168.1.1) port 443 (#0)
0716095200|curl |3|00|Server auth using Basic with user 'PlcmSpIp'
0716095200|curl |3|00|SSLv2, Unknown (23):
0716095200|curl |0|00|SSL DATA_OUT: Data of len 5 not displayed
0716095200|curl |1|00|HEADER_OUT: GET /000000000000-directory.xml HTTP/1.1
...
0716095200|curl |3|00|SSLv2, Unknown (23):
0716095200|curl |0|00|SSL DATA_IN: Data of len 5 not displayed
0716095200|curl |1|00|HEADER_IN : HTTP/1.1 401 Unauthorized
0716095200|curl |1|00|HEADER_IN : Content-Type: text/html
0716095200|curl |1|00|HEADER_IN : Server: Microsoft-IIS/8.5
0716095200|curl |3|00|Authentication problem. Ignoring this.
0716095200|curl |1|00|HEADER_IN : WWW-Authenticate: Basic realm="xxx.xxx.local"
0716095200|curl |1|00|HEADER_IN : Date: Mon, 16 Jul 2018 13:52:01 GMT
0716095200|curl |1|00|HEADER_IN : Content-Length: 1293
0716095200|curl |3|00|The requested URL returned error: 401
0716095200|curl |3|00|Closing connection #0
0716095200|curl |3|00|SSLv2, Unknown (21):
0716095200|curl |0|00|SSL DATA_OUT: Data of len 5 not displayed
0716095200|curl |3|00|SSLv3, TLS alert, Client hello (1):
0716095200|curl |0|00|SSL DATA_OUT: Data of len 2 not displayed
0716095200|clist|4|00|dbSet::srv2mem:'000000000000-directory.xml' File transfer failed, trying to get local file
0716095200|log |5|00|Skipped uploading of failed log file because no of failures are > 4 or last upload failed time is < 60 seconds.
0716095201|app1 |*|00|[AppHybridC]: App is completely initialized.
0716095201|so |4|00|[SoNcasC]: appncascontext termination:1
0716095201|so |4|00|[SoNcasC]: Case Handling termination:1
0716095201|sip |*|00|Sip Register Usr:VVX411 Dsp:VVX 411 Auth:'Using Login Cred' Inx:0
0716095201|utilm|4|00|uBLFUnCompressed: File /ffs0/Config/Local/WebTicket/0/sip.usr doesn't exist or is empty
0716095201|sip |*|00|Fast Boot Measurement Point: Ready for Call, uptime: 42.793 sec.
0716095201|app1 |4|00|Corporate directory is not Enabled.
0716095201|clist|4|00|dbCfg::getServerDir:Unknown dbCfg type
0716095201|clist|4|00|dbCfg::getServerDir:Unknown dbCfg type
0716095201|cfg |*|00|Prov|Starting to provision
0716095201|curl |3|00|About to connect() to xxx.xxx.local port 443 (#0)
0716095201|curl |3|00| Trying 192.168.1.1...
0716095201|curl |3|00|the local port callback returned 0
0716095201|curl |3|00|Local port: 58302
0716095201|curl |3|00|Connected to xxx.xxx.local (192.168.1.1) port 443 (#0)
0716095201|curl |3|00|successfully set certificate verify locations:
0716095201|curl |3|00| CAfile: /ffs0/ca1.crt
CApath: none
0716095201|curl |3|00|SSLv3, TLS Unknown, Unknown (22):
0716095201|curl |0|00|SSL DATA_OUT: Data of len 5 not displayed
0716095201|curl |3|00|SSLv3, TLS handshake, Client hello (1):
0716095201|curl |0|00|SSL DATA_OUT: Data of len 207 not displayed
0716095201|curl |3|00|SSLv2, Unknown (22):
0716095201|curl |0|00|SSL DATA_IN: Data of len 5 not displayed
0716095201|curl |3|00|SSLv3, TLS handshake, Server hello (2):
0716095201|curl |0|00|SSL DATA_IN: Data of len 81 not displayed
0716095201|curl |3|00|SSLv3, TLS handshake, CERT (11):
0716095201|curl |0|00|SSL DATA_IN: Data of len 1406 not displayed
0716095201|curl |3|00|SSLv3, TLS handshake, Server key exchange (12):
0716095201|curl |0|00|SSL DATA_IN: Data of len 205 not displayed
0716095201|curl |3|00|SSLv3, TLS handshake, Server finished (14):
0716095201|curl |0|00|SSL DATA_IN: Data of len 4 not displayed
0716095201|curl |3|00|SSLv2, Unknown (22):
0716095201|curl |0|00|SSL DATA_OUT: Data of len 5 not displayed
0716095201|curl |3|00|SSLv3, TLS handshake, Client key exchange (16):
0716095201|curl |0|00|SSL DATA_OUT: Data of len 70 not displayed
0716095201|curl |3|00|SSLv2, Unknown (20):
0716095201|curl |0|00|SSL DATA_OUT: Data of len 5 not displayed
0716095201|curl |3|00|SSLv3, TLS change cipher, Client hello (1):
0716095201|curl |0|00|SSL DATA_OUT: Data of len 1 not displayed
0716095201|curl |3|00|SSLv2, Unknown (22):
0716095201|curl |0|00|SSL DATA_OUT: Data of len 5 not displayed
0716095201|curl |3|00|SSLv3, TLS handshake, Finished (20):
0716095201|curl |0|00|SSL DATA_OUT: Data of len 16 not displayed
0716095201|curl |3|00|SSLv2, Unknown (20):
0716095201|curl |0|00|SSL DATA_IN: Data of len 5 not displayed
0716095201|curl |3|00|SSLv3, TLS change cipher, Client hello (1):
0716095201|curl |0|00|SSL DATA_IN: Data of len 1 not displayed
0716095201|curl |3|00|SSLv2, Unknown (22):
0716095201|curl |0|00|SSL DATA_IN: Data of len 5 not displayed
0716095201|curl |3|00|SSLv3, TLS handshake, Finished (20):
0716095201|curl |0|00|SSL DATA_IN: Data of len 16 not displayed
0716095201|curl |3|00|SSL connection using ECDHE-RSA-AES256-SHA384
0716095201|curl |3|00|Server certificate:
0716095201|curl |3|00| subject: C=US, ST=Pennsylvania, L=town, O=company Pty Ltd, OU=IT, CN=xxx.xxx.local
0716095201|curl |3|00| start date: 2018-07-16 12:31:24 GMT
0716095201|curl |3|00| expire date: 2020-07-15 12:31:24 GMT
0716095201|curl |3|00| common name: xxx.xxx.local (matched)
0716095201|curl |3|00| issuer: DC=LOCAL, DC=GAM, CN=CA-Server
0716095201|curl |3|00| SSL certificate verify ok.
0716095201|curl |3|00|Server auth using Basic with user 'PlcmSpIp'
0716095201|curl |3|00|SSLv2, Unknown (23):
0716095201|curl |0|00|SSL DATA_OUT: Data of len 5 not displayed
0716095201|curl |1|00|HEADER_OUT: GET /64167f3b7c6e.cfg HTTP/1.1
...
0716095201|curl |3|00|SSLv2, Unknown (23):
0716095201|curl |0|00|SSL DATA_IN: Data of len 5 not displayed
0716095201|curl |1|00|HEADER_IN : HTTP/1.1 401 Unauthorized
0716095201|curl |1|00|HEADER_IN : Content-Type: text/html
0716095201|curl |1|00|HEADER_IN : Server: Microsoft-IIS/8.5
0716095201|curl |3|00|Authentication problem. Ignoring this.
0716095201|curl |1|00|HEADER_IN : WWW-Authenticate: Basic realm="xxx.xxx.local"
0716095201|curl |1|00|HEADER_IN : Date: Mon, 16 Jul 2018 13:52:01 GMT
0716095201|curl |1|00|HEADER_IN : Content-Length: 1293
0716095201|curl |3|00|The requested URL returned error: 401
0716095201|curl |3|00|Closing connection #0
0716095201|curl |3|00|SSLv2, Unknown (21):
0716095201|curl |0|00|SSL DATA_OUT: Data of len 5 not displayed
0716095201|curl |3|00|SSLv3, TLS alert, Client hello (1):
0716095201|curl |0|00|SSL DATA_OUT: Data of len 2 not displayed
0716095201|cfg |4|00|Prov|File transfer failed due to curl error code:22 and respCode:401
0716095201|curl |3|00|About to connect() to xxx.xxx.local port 443 (#0)
0716095201|curl |3|00| Trying 192.168.1.1...
0716095201|curl |3|00|the local port callback returned 0
0716095201|curl |3|00|Local port: 31220
0716095201|curl |3|00|Connected to xxx.xxx.local (192.168.1.1) port 443 (#0)
0716095201|log |5|00|Skipped uploading of failed log file because no of failures are > 4 or last upload failed time is < 60 seconds.
0716095201|curl |3|00|successfully set certificate verify locations:
0716095201|curl |3|00| CAfile: /ffs0/ca1.crt
CApath: none

 

I am not sure what else to check?

Message 1 of 3
2 REPLIES 2
Advisor

Re: HTTPS / FTPS provisioning - File transfer failed due to curl error code:22 and respCode:401

Been testing further and I believe it is a username / password issue.

When enabling "anonymous authentication" in ISS the phone provisiones.

So it is not sending the correct credeintials to IIS.

I have setup a user in Active directory "PlcmSpIp" with the same password.

In IIS I have set the "WebDAV" authoring Rules to users "domain\PlcmSpIp" and also just "PlcmSpIp" but none works.

I have tried the DHCP option 60 to loo like 
https://server.domain.local

and

https://PlcmSpIp:PlcmSpIp@server.domain.local

But neither works. 

What am I missing, can it be set so the phone authenticates "domain/PLsmSpIp" as i believe this could be the issue.

 

Message 2 of 3
Polycom Employee & Community Manager

Re: HTTPS / FTPS provisioning - File transfer failed due to curl error code:22 and respCode:401

Hello @Sebastian1,

welcome to the Polycom Community.

The community's VoIP FAQ contains this post here:

 

Oct 7, 2011 Question: How can I setup my Phone / Provisioning / Download / Upgrade / Update / Downgrade Software?
Resolution: Please check => here <=

The above has detailed instructions including logging so it should be easy to follow. I suggest you try this manually on the phone and then work your way backwards.

 

The next step would be to raise a ticket via your reseller


In order to raise a support ticket you need to work with your Polycom reseller as they need to do this for you.

End Customers are unable to open a ticket directly with Polycom support.

If this is some sort of an Internet discounter please post either your phone's MAC address or your Polycom devices serial so I can look up who would be able to support you. This may not be who you purchased the Polycom device from.

If the unit is no longer within warranty please be prepared to Pay Per Incident / PPI. This is all outlined in detail here

Please ensure to provide some feedback if this reply has helped you so other users can profit from your experience.

Best Regards

Steffen Baier

Polycom Global Services




<======== Signature / Disclaimer ========>
Please be aware:For questions about the type of support to expect please check here

Please also ensure you always check the VoIP , Video Endpoint , Skype for Business , PSTN or RPM FAQ's

Please remember, if you see a post that helped you , and it answers your question, please mark it as an "Accept as Solution".

The title Polycom Employee & Community Manager is an automatic setting within the community and any forum reply or post is based upon my personal experience and does not reflect the opinion or view of my employer.
Poly employee participation within this community is not mandatory and any post or FAQ article provided by myself is done either during my working hours or outside working hours, in my private time, and maybe answered on weekends, bank holidays or personal holidays.
Message 3 of 3