AASTRA 6700i series, 9143, 9480i, 9480i CT SIP Administrator Guide EN User Manual

41-001343-01 Rev 03, Release 3.2.2

A-115

Parameter –
sips trusted certificates

Trusted Certificates
Filename
(in Web UI)

Aastra Web UI

Advanced Settings->TLS Support

Configuration Files

aastra.cfg, <model>.cfg, <mac>.cfg

Description

Allows you to specify the Trusted Certificate files to use when the phone
uses the TLS transport protocol to setup a call.

The Trusted Certificate files define a list of trusted certificates. The phone’s
trusted list must contain the CA root certificates for all the servers it is
connecting to. For example, if the phone is connecting to server A which
has a certificate signed by CA1, and server B which has a certificate
signed by CA2, the phone must have CA1 root certificate and CA2 root
certificate in its Trusted Certificate file.

This parameter is required when configuring TLS or Persistent TLS.

You can use this parameter in three ways:
•

To download no certificates

•

To download a certificate from the original configuration server

•

To download a certificate from another specified server

To download a specific file, the string value MUST HAVE A FILENAME at
the end of the string. For example:

sips trusted certificates:ftp://admin:[email protected]:50/path/
phonesTrustedCert.pem

where “path” is the directory and “phonesTrustedCert.pem” is the filename.
If you do not specify a filename, the download fails.

See examples for each below.

Note: The certificate files must use the format “.pem”. To create custom
certificate files to use on your IP phone, contact Aastra Technical Support.

Format

<file name>.pem

Default Value

Not Applicable

Range

Not Applicable