[cisco-voip] cnf.xml.sgn for non-secure cluster?

Ovidiu Popa ovi.popa at gmail.com
Mon May 21 16:28:13 EDT 2012 

My understanding is that ITL is required for several reasons:
- used to store the trusted certificates required for the TLS session to 
the TVS web service (not related to cluster mixed mode as https web 
services can be activated even if the cluster is unsecure)
- used to validate file signatures (only if the cluster is in mixed mode)

If this is correct I think it is normal that I have an ITL file but my 
question still stands: how come the phone requests a signed file if the 
cluster not secure ?

Thanks,
Ovidiu



On 21/May/12 8:03 PM, Ed Leatherman wrote:
> Hello,
>
> My understanding is that the phone requests a CTL or ITL file when it 
> boots. If it ever actually gets a CTL or ITL file, from that point on 
> it will always request a signed configuration file, unless the CTL or 
> ITL files are manually deleted from the phone. If i'm incorrect 
> hopefully someone will chime in :)
>
> Ed
>
> On Mon, May 21, 2012 at 1:12 PM, Ovidiu Popa <ovi.popa at gmail.com 
> <mailto:ovi.popa at gmail.com>> wrote:
>
>     Hello everyone
>
>     Anyone know how a phone detects if it needs to download a signed
>     or unsigned configuration file?
>
>     I have a few phones that keep requesting signed file even though
>     the cluster is not in mixed mode and I cannot identify why they
>     behave this way. Does the ITL file contain information about the
>     cluster security mode?
>
>     The phone logs say that the TFTP server is secure and keep trying
>     for the cnf.xml.sgn files. Where does it get this information?
>
>     Thank for any input.
>
>     Regards.
>     Ovidiu
>
>     _______________________________________________
>     cisco-voip mailing list
>     cisco-voip at puck.nether.net <mailto:cisco-voip at puck.nether.net>
>     https://puck.nether.net/mailman/listinfo/cisco-voip
>
>
>
>
> -- 
> Ed Leatherman
>

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://puck.nether.net/pipermail/cisco-voip/attachments/20120521/792cccc5/attachment.html>

More information about the cisco-voip mailing list