Changing the key on the phone – Polycom SOUNDPOINT SIP 3.1 User Manual
Page 297
Miscellaneous Administrative Tasks
C - 5
You can check whether an encrypted file is the same as an unencrypted file by:
1.
Run the configFileEncrypt utility on the unencrypted file with the "-d"
option. This shows the "digest" field.
2.
Look at the encrypted file using WordPad and check the first line that
shows a "Digest=…." field. If the two fields are the same, then the
encrypted and unencrypted file are the same.
The following configuration file changes are required to modify this feature:
Changing the Key on the Phone
For security purposes, it may be desirable to change the key on the phones and
the server from time to time.
To change a key:
1.
Put the new key into a configuration file that is in the list of files
downloaded by the phone (specified in 000000000000.cfg or <Ethernet
address>.cfg).
Use the device.sec.configEncryption.key parameter to specify the
new key.
Note
If a phone downloads an encrypted file that it cannot decrypt, the action is logged,
an error message displays, and the phone reboots. The phone will continue to do
this until the boot server provides an encrypted file that can be read, an
unencrypted file, or the file is removed from the master configuration file list.
Note
The SoundPoint IP 300 and 500 phones will always fail at decrypting files. These
phones will recognize that a file is encrypted, but cannot decrypt it and will display
an error. This information is logged. Encrypted configuration files can only be
decrypted on the SoundPoint IP 301, 320, 330, 430, 501,550, 560, 600, 601, 650,
and 670 and the SoundStation IP 4000, 6000, and 7000 phones.
The master configuration file cannot be encrypted on the boot server. This file is
downloaded by the bootROM that does not recognize encrypted files. For more
information, refer to
on page
.
Central
(boot server)
Configuration File: sip.cfg
Specify the phone-specific contact directory and the
phone-specific configuration override file.
For more information, refer to
on page
Configuration file:
<device>.cfg
Change the encryption key.
For more information, refer to
on page
.