Commit fcfc7489 authored by Louis-Philippe Véronneau's avatar Louis-Philippe Véronneau

new post: TLS SIP support on the Cisco SPA112

parent 5b1ee18f
Title: TLS SIP support on the Cisco SPA112 ATA
Tags: sip
Modified: 2019-05-14 19:41
A few days ago, my SIP provider (the ever reliable [VoIP.ms][voip.ms]) rolled
out TLS+SRTP support. As much as I like their service, it was about time.
......@@ -28,5 +29,27 @@ certificate used interferes with the firmware upgrade process.
[voip.ms]: https://voip.ms
[wiki]: https://wiki.voip.ms/article/Call_Encryption_-_TLS/SRTP
### 2019-05-14 update
One of the changes in 1.4.1 SR3 firmware is that the SPA112 now validates TLS
certificates, as per [issue CSCvm49157][issue] in the [release notes][notes].
The problem I had with being unable to register the device was being caused by
a missing Let’s Encrypt root certificate in its certificate store.
Thanks to Michael Davie for pointing this out to me! It turns out VoIP.ms also
did their job and [updated their documentation][newdoc] to include a section on
adding a new root CA cert to the device. Sadly, the link they provide on their
wiki is a plain HTTP one. I'd recommend you use the LE Root CA directly:
`https://letsencrypt.org/certs/isrgrootx1.pem.txt`
One last thing: if like me you wondered what the heck was the new *beep beep*
sound during the call, it turns out it's the "Secure Call Indication Tone". You
can turn it off by following [these instructions][secure_tone].
[issue]: https://quickview.cloudapps.cisco.com/quickview/bug/CSCvm49157
[newdoc]: https://wiki.voip.ms/article/Cisco_SPA112#Configuring_a_Voice_line_using_TLS
[notes]: https://www.cisco.com/c/en/us/td/docs/voice_ip_comm/csbpvga/spa100-200/release/source/spa112-122-rn-1-4-1-SR3/spa112-122-rn-1-4-1-SR3.html
[secure_tone]: https://wiki.voip.ms/article/Cisco_SPA112#Secure_Call_Indication_Tone
[^1]: Yes, you heard that right: they have a lab on hand with tons of devices so
that they can help you debug your problems live.
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment