Exercise: Basic HTTPS Resync
Procedure
Step 1
Install an HTTPS server on a host whose IP address is known to the network DNS server through normal
hostname translation.
The open source Apache server can be configured to operate as an HTTPS server when installed with the
open source mod_ssl package.
Step 2
Generate a server Certificate Signing Request for the server. For this step, you might need to install the open
source OpenSSL package or equivalent software. If using OpenSSL, the command to generate the basic CSR
file is as follows:
openssl req -new -out provserver.csr
This command generates a public/private key pair, which is saved in the privkey.pem file.
Step 3
Submit the CSR file (provserver.csr) to Cisco for signing.
A signed server certificate is returned (provserver.cert) along with a Sipura CA Client Root Certificate,
spacroot.cert.
See https://supportforums.cisco.com/docs/DOC-9852 for more information.
Step 4
Store the signed server certificate, the private key pair file, and the client root certificate in the appropriate
locations on the server.
In the case of an Apache installation on Linux, these locations are typically as follows:
# Server Certificate:
SSLCertificateFile /etc/httpd/conf/provserver.cert
# Server Private Key:
SSLCertificateKeyFile /etc/httpd/conf/privkey.pem
# Certificate Authority:
SSLCACertificateFile /etc/httpd/conf/spacroot.cert
Step 5
Restart the server.
Step 6
Copy the basic.txt configuration file (described in TFTP Resync, on page 45) onto the virtual root directory
of the HTTPS server.
Step 7
Verify proper server operation by downloading basic.txt from the HTTPS server by using a standard
browser from the local PC.
Step 8
Inspect the server certificate that the server supplies.
The browser probably does not recognize the certificate as valid unless the browser has been pre-configured
to accept Cisco as a root CA. However, the phones expect the certificate to be signed this way.
Modify the Profile_Rule of the test device to contain a reference to the HTTPS server, for example:
<Profile_Rule>
https://my.server.com/basic.txt
</Profile_Rule>
This example assumes the name of the HTTPS server is my.server.com.
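As an added example (not part of the Cisco guide), the script below checks that the CSR, signed certificate, and private key from Steps 2 to 4 carry the same public key and that the key is not passphrase-protected, two things worth confirming before the restart in Step 5. The helper names and the throwaway demo CA, which stands in for the Step 3 signing, are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the Cisco guide): checks to run on the Step 4 files
# before restarting Apache. File names follow the page; helper names are made up.

# Print the public key carried by a private key, CSR, or certificate.
pubkey_of() {   # usage: pubkey_of key|csr|cert FILE
    case "$1" in
        key)  openssl pkey -in "$2" -pubout 2>/dev/null ;;
        csr)  openssl req  -in "$2" -noout -pubkey 2>/dev/null ;;
        cert) openssl x509 -in "$2" -noout -pubkey 2>/dev/null ;;
        *)    return 2 ;;
    esac
}

# Succeed only if both files carry the same public key.
same_pubkey() {   # usage: same_pubkey TYPE1 FILE1 TYPE2 FILE2
    a=$(pubkey_of "$1" "$2") && b=$(pubkey_of "$3" "$4") || return 2
    [ -n "$a" ] && [ "$a" = "$b" ]
}

# Succeed if the key file is passphrase-protected; Apache cannot load such a
# key without being given the passphrase at startup.
key_is_encrypted() {
    grep -q -e 'BEGIN ENCRYPTED PRIVATE KEY' -e 'Proc-Type: 4,ENCRYPTED' "$1"
}

# Build constructed demo files in a temp directory and print its path.
make_demo_files() {
    d=$(mktemp -d) || return 1
    ( cd "$d" &&
      # Non-interactive variant of the Step 2 command; -nodes leaves the key unencrypted.
      openssl req -new -newkey rsa:2048 -nodes -keyout privkey.pem \
          -out provserver.csr -subj "/CN=my.server.com" &&
      # Constructed throwaway CA standing in for the signing done in Step 3.
      openssl req -x509 -newkey rsa:2048 -nodes -keyout demo-ca.key \
          -out demo-ca.cert -subj "/CN=Constructed Demo CA" -days 1 &&
      openssl x509 -req -in provserver.csr -CA demo-ca.cert -CAkey demo-ca.key \
          -CAcreateserial -out provserver.cert -days 1 &&
      # Unrelated key, to exercise the mismatch case.
      openssl genpkey -algorithm RSA -pkeyopt rsa_keygen_bits:2048 -out other.pem
    ) >/dev/null 2>&1 || return 1
    echo "$d"
}

demo=$(make_demo_files) || { echo "openssl not usable here" >&2; exit 1; }
same_pubkey csr  "$demo/provserver.csr"  key "$demo/privkey.pem" && echo "CSR matches key"
same_pubkey cert "$demo/provserver.cert" key "$demo/privkey.pem" && echo "cert matches key"
same_pubkey cert "$demo/provserver.cert" key "$demo/other.pem"   || echo "cert does NOT match other.pem"
key_is_encrypted "$demo/privkey.pem" || echo "privkey.pem is unencrypted"
```

On a real server, call same_pubkey and key_is_encrypted on the files under /etc/httpd/conf instead of the demo directory.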
Cisco IP Phone 6800 Series Multiplatform Phones Provisioning Guide