mv asterisk.pem agent.pem #both, file is server cert followed by private key (begin/end certificate and begin/end private key)
The syslog I am seeing from the spa is the following with varying Backoff times:
SIP/TCP Backoff 4000 ms
There is another post on here for TLS and SPA5xx phones, https://supportforums.cisco.com/message/3458777, but I am not sure how to use the combinedca that I have for provisioning, lots of certificates in a file, with the cafile/agent that freeswitch uses.
You are trying to use self-signed certificate ? It depend on implementation, but some implementation rejects CA certificates used as standard certificate. I don't know if SPA1x2 is affected by it.
You may consider to create your own CA then issue casual certificate to aboid problems.
All at all, the CA issuing the certificate needs to be trusted by SPA1x2. So you need either certificate issued by a internal preinstaled CA (such certificate can be requested from Cisco), or you need download CA certificate info SPA112 (if you are using own CA to issue certificates).
Please note that SPA112 is not SPA IP Phone, but ATA, so this thread is not appropriate here. Use top left corner menu to move it to appropriate place, please. ( )
I originally tried using a self signed cert, but that didn't work. I next tried using the private key I generated for the HTTPS Provisioning and the Certificate I got back from Cisco after I sent my CSR. But I'm still getting the same errors. I do have https provisioning setup and running fine with the key, cert, and combinedca files (https://supportforums.cisco.com/docs/DOC-9852).
If I understand correctly, the following would be a casual certificate, and not a CA certificate, right? I tried it and got the same errors.
You have a Cisco Unified Communications Manager (CUCM) system and want
to configure a SPA112 analog telephone adaptor (ATA) to register to the
CUCM so that you can use up to two analog phones or similar FXS devices
with the CUCM.In this application note, ...
This document is a must-read for all SPA232D installers, administrators,
and users. The document takes you from unboxing the SPA232D ATA and
SPA302D DECT handsets, through DECT handset registration, and connecting
to the PSTN and ITSP.The document describ...
Device: SPA112Firmware: 1.3.2 SPA112 accepts 101 to set internet
addressing method from dynamic to static but does not change the actual
value. Error message - Set Static IP (INTERNET PORT) 111: Invalid
option. Resolution Summary: . Step 1 : Press **** . ...