<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 TRANSITIONAL//EN">
<HTML>
<HEAD>
<META HTTP-EQUIV="Content-Type" CONTENT="text/html; CHARSET=UTF-8">
<META NAME="GENERATOR" CONTENT="GtkHTML/3.30.3">
</HEAD>
<BODY>
Hi,<BR>
<BR>
I'm trying to register a yealink with TLS, using my one certificates.<BR>
<BR>
I follow the wiki and In fs i have both agent.pem and cafile.pem . I install in the phone the root certificate.<BR>
<BR>
But when i try to register, i have (tport log):<BR>
<BR>
<BR>
tport.c:3186 tport_recv_iovec() tport_recv_iovec(0x808fb0) msg 0x7fe9d0aa8180 from (udp/192.168.10.1:5060) has 340 bytes, veclen = 1<BR>
tport.c:3004 tport_deliver() tport_deliver(0x808fb0): msg 0x7fe9d0aa8180 (340 bytes) from udp/192.168.10.23:5060/sip next=(nil)<BR>
tport.c:4202 tport_release() tport_release(0x808fb0): 0x7fe9d01142f0 by 0x7fe9d025d920 with 0x7fe9d0aa8180<BR>
tport.c:2730 tport_wakeup_pri() tport_wakeup_pri(0x7fe9c802aad0): events IN<BR>
tport.c:869 tport_alloc_secondary() tport_alloc_secondary(0x7fe9c802aad0): new secondary tport 0x7fe9c03e8450<BR>
tport_type_tls.c:603 tport_tls_accept() tport_tls_accept(0x7fe9c03e8450): new connection from tls/192.168.10.36:48754/sips<BR>
tport_tls.c:869 tls_connect() tls_connect(0x7fe9c03e8450): events NEGOTIATING<BR>
tport_tls.c:869 tls_connect() tls_connect(0x7fe9c03e8450): events NEGOTIATING<BR>
tport_tls.c:526 tls_post_connection_check() tls_post_connection_check(0x7fe9c03e8450): Peer did not provide X.509 Certificate.<BR>
<BR>
<BR>
<BR>
I could make it work and have a register in the tls profile when i check on the phone the option in Security->Trusted Certificates: "Only Accept Trusted Certificates: DISABLED".<BR>
Could it be some bug in the yealink, or I’m missing something in the conf...<BR>
<BR>
Another question, is there any problem if i choose to use this configuration... since is the phone that ignores the certificate and the validation is done by the server and not by the client. <BR>
<BR>
Can you help me?<BR>
<BR>
Thanks,<BR>
António
</BODY>
</HTML>