Security Features
321
l TWCA Root Certification Authority
l UTN - DATACorp SGC
l UTN-USERFirst-Hardware
l ValiCert Class 1 Policy Validation Authority
l ValiCert Class 2 Policy Validation Authority
l ValiCert Class 3 Policy Validation Authority
l Visa eCommerce Root
l Wells Fargo Root Certificate Authority
l WellsSecure Public Root Certificate Authority
l XRamp Global Certification Authority
Note
Yealink endeavors to maintain a built-in list of most common used CA Certificates. Due to memory constraints, we cannot
ensure a complete set of certificates. If you are using a certificate from a commercial Certificate Authority not in the list
above, you can send a request to your local distributor. At this point, you can upload your particular CA certificate into your
phone.
TLS Configuration
The following table lists the parameters you can use to configure TLS.
Parameter
account.X.sip_server.Y.transport_type
[1][2]
<MAC>.cfg
Description It configures the type of transport protocol.
Permitted
Values
0-UDP
1-TCP
2-TLS
3-DNS-NAPTR, if no server port is given, the phone performs the DNS NAPTR and SRV queries for the ser-
vice type and port.
Default 0
Web UI Account->Register->SIP Server Y->Transport
Parameter static.security.default_ssl_method <y0000000000xx>.cfg
Description It configures the TLS version the IP phone uses to authenticate with the server.
Permitted
Values
0-TLS 1.0 only
3-SSL V23 (automatic negotiation with the server. The phone starts with TLS1.2 for negotiation.)
4-TLS 1.1 only
5-TLS 1.2 only
Default 3
Parameter
static.security.trust_certificates
[3]
<y0000000000xx>.cfg
Description It enables or disables the phone to only trust the server certificates in the Trusted Certificates list.
Permitted
Values
0-Disabled, the phone will trust the server no matter whether the certificate sent by the server is valid or
not.
1-Enabled, the phone will authenticate the server certificate based on the trusted certificates list. Only
To Next Page
Loading...
Need help?
General
