• ×
    Information
    Windows update impacting certain printer icons and names. Microsoft is working on a solution.
    Click here to learn more
    Information
    Need Windows 11 help?
    Check documents on compatibility, FAQs, upgrade information and available fixes.
    Windows 11 Support Center.
  • post a message
  • ×
    Information
    Windows update impacting certain printer icons and names. Microsoft is working on a solution.
    Click here to learn more
    Information
    Need Windows 11 help?
    Check documents on compatibility, FAQs, upgrade information and available fixes.
    Windows 11 Support Center.
  • post a message
Guidelines
The HP Community is where owners of HP products, like you, volunteer to help each other find solutions.
HP Recommended

Hi,

I have a customer who is developing a login/logout applicaton for their SSIP 5k & 7k. Now they have the following issues/questions:

 

  • They managed to get phone to successfully browse a page using IIS anonymous access, but the doc implied that it would use digest authentication for HTTP GET requests - what is going on?
  • Why is the model number in the HTTP header SSIP_5000 when the model number returned by the API is SSIP5000?(I thought the values would be identical)
  • Will the MAC address/Serial Number returned in the HTTP header always be fixed at 12 characters long and prefixed by SN:?

 

Scenario

They are trying to browse to an SSL-protected site from the SSIP 5000 phone’s microbrowser.

 

What they have done

They followed the instructions contained within that certificates bulletin (17877) and created a self-signed CA certificate. They then installed it to the phone’s CA list as described and that worked successfully. They created a pfx from the certificate so that they could install in IIS and SSL-enable the website.

 

What Happens

When they browse to the site using Internet Explorer and the site displays correctly with no errors or warnings. 

When they browse to the site using the phone microbrowser they get a browser error:

 

SSL certificate problem, verify that the CA cert is ok.

Details: error 14090086:SSL routines

SSL3_GET_SERVER_CERTIFICATE:certificate verify failed

 

A trace in Wireshark shows the client and server hello succeed, then comes the TLS fatal alert with bad Certificate as the description.

 

So it looks as though my CA certificate is wrong somehow even though the same process works fine with a different browser.

 

Are there any known issues using a custom certificate installed to the phone’s CA list from the microbrowser?  

 

Thanks in advance

1 REPLY 1
HP Recommended

Hello SE-DaW,

 

welcome to the Polycom Community.

 

The phone is supporting TLS and a custom certificate that is usually used for HTTPS Provisioning.

 

As far as I am aware mutual TLS on Micro Browser is currently not supported.

 

Please raise this as a feature request via https://jira.polycom.com/secure/CreateIssue.jspa?os_username=jiraguest&os_password=polycom&pid=10240...

 

Best regards

 

Steffen Baier

 

Polycom Global Services

------------------------------------------------
Notice: I am an HP Poly employee but all replies within the community are done as a volunteer outside of my day role. This community forum is not an official HP Poly support resource, thus responses from HP Poly employees, partners, and customers alike are best-effort in attempts to share learned knowledge.
If you need immediate and/or official assistance for former Poly\Plantronics\Polycom please open a service ticket through your support channels
For HP products please check HP Support.

Please also ensure you always check the General VoIP , Video Endpoint , UC Platform (Microsoft) , PSTN
† The opinions expressed above are the personal opinions of the authors, not of HP. By using this site, you accept the <a href="https://www8.hp.com/us/en/terms-of-use.html" class="udrlinesmall">Terms of Use</a> and <a href="/t5/custom/page/page-id/hp.rulespage" class="udrlinesmall"> Rules of Participation</a>.