Poly Community
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Sectigo root and chain support

Folkert
Advisor
‎05-18-2020 06:53 AM
‎05-18-2020 06:53 AM

Sectigo root and chain support

Hi,

 

our Addtrust/Usertrust certificate chain is changed in Sectigo. Sectigo is not a trusted root CA in a Polycom VVX phone. I've tested it with a Softwareversion UC 5.9.6.2327 but connecting to a Skype for Business environment is not possible anymore. I know I can upload the chain, but we have multiple customers with lots of phones. For now we will replace our certificate with a supported chain. Do you know if Sectigo will be added as a trusted CA?

 

Regards,

 

Folkert

Message 1 of 19
0 Kudos
Reply
18 REPLIES 18
Folkert
Advisor
‎05-18-2020 07:12 AM
‎05-18-2020 07:12 AM

Re: Sectigo root and chain support

This is the news item from Sectigo:
https://sectigo.com/resource-library/sectigo-begins-issuing-certificates-on-new-sectigo-branded-root

Message 2 of 19
0 Kudos
Reply
SteffenBaierUK
Polycom Employee & Community Manager Polycom Employee & Community Manager
Polycom Employee & Community Manager
‎05-18-2020 07:14 AM
‎05-18-2020 07:14 AM

Re: Sectigo root and chain support

Hello @Folkert ,

 

Welcome back to the Poly Community.

 

The current Sectigo/Comodo runs out on the 30/05/2020


We are planning to add userTRUST into our bundle. The next software version having this is 6.3.0 later this month (Subject to change).

 

Other software streams will follow


Please ensure to provide some feedback if this reply has helped you so other users can profit from your experience.

Best Regards

Steffen Baier

----------------

If official support is required please check how to phone or open a case here

----------------
The title Poly Employee & Community Manager is a community setting and does not reflect my role. I am just a simple volunteer in the community like everybody else. All posts and words are my own & do not represent the views of Employer.

----------------


⇓⇓⇓⇓⇓⇓⇓⇓⇓⇓⇓⇓⇓⇓⇓⇓⇓⇓⇓⇓⇓⇓⇓⇓⇓⇓⇓⇓⇓⇓⇓⇓⇓ SIGNATURE ⇓⇓⇓⇓⇓⇓⇓⇓⇓⇓⇓⇓⇓⇓⇓⇓⇓⇓⇓⇓⇓⇓⇓⇓⇓⇓⇓⇓⇓⇓⇓⇓⇓⇓
Notice: This community forum is not an official Poly support resource, thus responses from Poly employees, partners, and customers alike are best-effort in attempts to share learned knowledge.
Please also ensure you always check the VoIP , Video Endpoint , Microsoft Voice , PSTN or other FAQ's in the different sections
Message 3 of 19
0 Kudos
Reply
Folkert
Advisor
‎05-18-2020 07:18 AM
‎05-18-2020 07:18 AM

Re: Sectigo root and chain support

Hi Steffen,

 

that would be great! Also in the 5.9 channel would be nice, cause the 'old' VVX versions (like my test 500) can't run v6 firmware. I'll test as soon as the new firmware is released.

Thanks!

Folkert

Message 4 of 19
0 Kudos
Reply
AllenArmstrong
Occasional Contributor
‎06-03-2020 11:02 AM
‎06-03-2020 11:02 AM

Re: Sectigo root and chain support

Is there any updates on this?

 

Allen

Message 5 of 19
0 Kudos
Reply
SteffenBaierUK
Polycom Employee & Community Manager Polycom Employee & Community Manager
Polycom Employee & Community Manager
‎06-03-2020 11:35 AM
‎06-03-2020 11:35 AM

Re: Sectigo root and chain support

Hello @AllenArmstrong ,

 

Welcome to the Poly Community.

Not knowing what software version you are expecting this for the next 6.3.0 release is planned to be early June (Subject to change).


Please ensure to provide some feedback if this reply has helped you so other users can profit from your experience.

Best Regards

Steffen Baier

----------------

If official support is required please check how to phone or open a case here

----------------
The title Poly Employee & Community Manager is a community setting and does not reflect my role. I am just a simple volunteer in the community like everybody else. All posts and words are my own & do not represent the views of Employer.

----------------


⇓⇓⇓⇓⇓⇓⇓⇓⇓⇓⇓⇓⇓⇓⇓⇓⇓⇓⇓⇓⇓⇓⇓⇓⇓⇓⇓⇓⇓⇓⇓⇓⇓ SIGNATURE ⇓⇓⇓⇓⇓⇓⇓⇓⇓⇓⇓⇓⇓⇓⇓⇓⇓⇓⇓⇓⇓⇓⇓⇓⇓⇓⇓⇓⇓⇓⇓⇓⇓⇓
Notice: This community forum is not an official Poly support resource, thus responses from Poly employees, partners, and customers alike are best-effort in attempts to share learned knowledge.
Please also ensure you always check the VoIP , Video Endpoint , Microsoft Voice , PSTN or other FAQ's in the different sections
Message 6 of 19
0 Kudos
Reply
AllenArmstrong
Occasional Contributor
‎06-03-2020 12:17 PM
‎06-03-2020 12:17 PM

Re: Sectigo root and chain support

6.3.0 is what I was looking for.   We have Comodo cert and if a phone reboots it no longer communicates with your Skype server on prem. server.  Looks like the only option is to go get another cert.   There probably is no chance on getting an ETA is there?

 

Allen

Message 7 of 19
0 Kudos
Reply
TonyGuadagno
Occasional Advisor
‎06-05-2020 05:18 AM
‎06-05-2020 05:18 AM

Re: Sectigo root and chain support

hi, i have a bunch of ip5000 with the same issue....when will updated code be available for them....they are bricks right now!

Message 8 of 19
0 Kudos
Reply
SteffenBaierUK
Polycom Employee & Community Manager Polycom Employee & Community Manager
Polycom Employee & Community Manager
‎06-05-2020 06:15 AM
‎06-05-2020 06:15 AM

Re: Sectigo root and chain support

Hello @TonyGuadagno ,

 

Welcome to the Poly Community.

What are you using the certificate for? There is no release date as of yet for a 4.0.16 which would include this.

 

If you simply import the CRT via the Web Interface the device can communicate again with the server.

 

As we are not aware if you are using this for provisioning purposes (aka the phone would just be unable to load new configuration and upload its logs) or for SIP please clarify what you are using this for.


Please ensure to provide some feedback if this reply has helped you so other users can profit from your experience.

Best Regards

Steffen Baier

----------------

If official support is required please check how to phone or open a case here

----------------
The title Poly Employee & Community Manager is a community setting and does not reflect my role. I am just a simple volunteer in the community like everybody else. All posts and words are my own & do not represent the views of Employer.

----------------


⇓⇓⇓⇓⇓⇓⇓⇓⇓⇓⇓⇓⇓⇓⇓⇓⇓⇓⇓⇓⇓⇓⇓⇓⇓⇓⇓⇓⇓⇓⇓⇓⇓ SIGNATURE ⇓⇓⇓⇓⇓⇓⇓⇓⇓⇓⇓⇓⇓⇓⇓⇓⇓⇓⇓⇓⇓⇓⇓⇓⇓⇓⇓⇓⇓⇓⇓⇓⇓⇓
Notice: This community forum is not an official Poly support resource, thus responses from Poly employees, partners, and customers alike are best-effort in attempts to share learned knowledge.
Please also ensure you always check the VoIP , Video Endpoint , Microsoft Voice , PSTN or other FAQ's in the different sections
Message 9 of 19
0 Kudos
Reply
TonyGuadagno
Occasional Advisor
‎06-05-2020 06:20 AM
‎06-05-2020 06:20 AM

Re: Sectigo root and chain support

hi,

  i am currently using 4.11aa and yes, i am provisioning as well as sip-tls and srtp.  that is why the phones are not working because they cannot connect even to provision. I guess i could go to every phone and add the cert but that is a lot of work...i really think you guys should have been on this sooner.

  anyway, could you please point me to the docs on how to load the cert into the trusted key store on the ip 5000?  that would help

 

thanks

 

Message 10 of 19
0 Kudos
Reply