Hello edt8083,

welcome to the Polycom Community.

It would be helpful if your could specify the Phone Type, the SIP / UC Software Version and the BootROM Version of the Phone in question in order for someone to help you.

Did you check the Mutual Transport Layer Security Provisioning Using Microsoft Internet Information Services 6.0 at the  Feature Descriptions & Technical Notifications Section on the Polycom Web Site?

Did you install a certificate on the Polycom Phone if you are not using a VeriSign?

The minimum requierements are:

• • Polycom SIP application 3.2 or later for mutual TLS feature.
• • Polycom bootROM 4.2.0 or later for MD5 digest HTTP authentication.
• • Web server capable of mutual TLS (client certificate checking). (For the configuration example in this bulletin, IIS is used.)
• • One of the following:
• — HTTPS server certificate and root CA certificate if it is self signed.
• or
• — A certificate from VeriSign® or another well known root CA.

Best Regards

Steffen Baier

Polycom Global Services

Hi Steffan

Thanks for the info, I have not had much luck already consulted the links you have suggested.

The phones I have tested with are 331 and 550

The SIP version is 3.2.3.1734

Bootrom 4.2.2.0710.

Have tried one website with a global sign verified cert, and a second with a custom cert, uploaded to the phone.

I dont think https is necessarily the issue, as even just using http I have the issue.

Thanks

Ed

Hello Ed,

can you clarify this statement: "as even just using http I have the issue" ?

Can you not even provision the Phone via HTTP ? Do you have all the files coming with the SIP 3.2.3 Software unzipped to that directory?

You need to provide more details in order for the community to support you or work with your Reseller and/or Polycom Support.

Best Regards

Steffen Baier

Polycom Global Services

Hi Steffan

Sorry if I wasnt clear.

I have a directory call phones. In this directory I have my SIP files(ld, cfg etc), I have my bootrom files(ld etc) I have MAC address files, I have lineport files. I have all the files from the same directory from another server that is setup as an FTP server.

so I am quite happy to say I have all the correct files, as when I provision using FTP it works quite happily.

Now with all of those in place on the new HTTP/HTTPS server, the phone is setup with server type HTTPS, with the correct URL, and username and password set. I have a custom cert loaded on to the phone. This does not work. When the phone tries to get the 3 initial files during the boot sequence, the phone fails to send another GET request with the auth details when it receives the initial 401 unauthorised message for the initial GET.

So even setting up the phone to look at provisioning via HTTP, I get the same issue. It is as though the phone does not recognise that it has the auth username and password set.

Hope that makes a bit more sense.

Thanks

Ed

Hello Ed,

I would suggest to upgrade to at least SIP 3.2.5 or UCS 3.3.2 and BootROM 4.3.0

Then enable the phone to be able to log to FTP or Syslog so you can see what the Phone is doing.

Can you wget from another Linux machine to the server to see if you can get the files or if it is just a permission on the Web Server ..?

Can another PC browse to the 000000000000.cfg on the HTTP Server?

This Feature is working and has been tested so you may need to go via your reseller / Polycom as advised above.

Regards

Steffen Baier

Polycom Global Services

Hi,

I am done with http auto provisioning of polycom 335 phone using http server  successfully .

Now,I want to do the same for HTTPS,may i know the procedure about  auto provisioning of polycom 335 using HTTPS,the configuration files of HTTPS.

Thanks,

Alekhya.G

Hello Alekhya.G,

welcome to the Polycom Community.

Our support page contains this post => here <=

This explains on page 40 how to use a Polycom certificate hosted at pki.polycom.com

The guide is a bit outdated as it only shows IIS 6.5 but should give you a good idea.

Please ensure to provide some feedback if this reply has helped you so other users can profit from your experience.

Best Regards

Steffen Baier

Polycom Global Services

Helo,

I started learning asterisk last month ago..The file which u sended is very usefull,thankue

But iam working this provisioning on cent os (asterisk).May i know the procedure for auto provisioning of polycom 335 phone using HTTPS server

Thanks,

Alekhya.G

Hi,

Can i have reply from you?

Thanks,

Alekhya.G