We use a Poly RPRM to provision our phones,
They are running the firmware versionx 6.2.23.0304 - 7.1.x
We renewed the expiring RPRM certificate with the Intermediate DigiCert TLS RSA SHA256 2020 CA1 (serial 06d8d904d5584346f68a2fa754227ec4) signed by the DigiCert Global Root CA (serial 083be056904246b1 a1756ac95991c74a).
And now the phones stopped trusting the SubCA and are unable to upload logs and download the configurations.
The current workaround is to manual access the phone WebUI and upload the SubCA
Do you use a DHCP option to point the phones to RPRM?
If yes simply change this to HTTP instead and reboot the phones. Once the new CFG is loaded reboot the phone after changing the DHCP option back to HTTPS.
If this fails look at the REST API and push the changed cert via that
Jun 05, 2018 Question: Do Poly Phones support a REST API?
Resolution: Please => here <=
If official support is required please check how to phone or open a case here----------------
Thanks for getting the post out of the SPAM filter
All was in great shape and cool plug-and-use.
DHCP options on all locations, RPMR providing the configurations... until the day I renewed the certificate and this new intermediate CA trashed my day.
Now we cannot factory reset a phone or it will not be able to connect to the RPRM (HTTP is out of the question for this customer CISO)
I have support for the phones, so I opened a case.
The most weird fix of all time.
After replacing the RPRM to the new certificate (provided by a new Intermediate CA from Digicert) the phones were not able to download the configurations and upload logs to the RPRM. The logs showed clearly a 'CA not trusted' and only worked if I manually add the Intermediate CA to the Phone.
I just uploaded the Intermediate CA that issue the old certificate to the RPRM and now the phones can connect to the RPRM and the logs show that they Trust the certificate issued by the new Intermediate CA....