Cisco SPA901-UK Provisioning Guide - Page 71
Secure Resync, Basic HTTPS Resync
UPC - 745883570751
View all Cisco SPA901-UK manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 71 highlights
Provisioning Tutorial Secure Resync 3 STEP 6 In the HTTP server logs, observe how information identifying the test IP Telephony Device appears in the log of user agents. This should include the manufacturer, product name, current firmware version, and serial number. Secure Resync This section demonstrates the preferred mechanisms available on the IP Telephony Device for securing the provisioning process. It includes the following topics: • Basic HTTPS Resync, page 70 • HTTPS With Client Certificate Authentication, page 72 • HTTPS Client Filtering and Dynamic Content, page 73 Basic HTTPS Resync HTTPS adds SSL to HTTP for remote provisioning so that: • The IP Telephony Device can authenticate the provisioning server. • The provisioning server can authenticate the IP Telephony Device. • The confidentiality of information exchanged between the IP Telephony Device and the provisioning server is ensured through encryption. SSL generates and exchanges secret (symmetric) keys for each connection between the IP Telephony Device and the server, using public/private key pairs preinstalled in the IP Telephony Device and the provisioning server. On the client side using HTTPS (with the GET method) simply requires changing the definition of the URL in the Profile_Rule parameter from http to https. On the server side, the service provider must install and set up the HTTPS server. In addition, an SSL server certificate signed by Cisco must be installed on the provisioning server. The devices cannot resync to a server using HTTPS, unless the server supplies a Cisco-signed server certificate. Cisco Small Business IP Telephony Devices Provisioning Guide 70