In-House Preprovisioning and Provisioning Servers
Provisioning Server Setup
Provisioning Guide for Cisco SPA100 and SPA200 Series Analog Telephone Adapters 44
3
# Certificate Authority (CA):
SSLCACertificateFile /etc/httpd/conf/spacroot.crt
Refer to the documentation provided for a HTTPS server for specific information.
Firmware release 2.0.6 and higher supports the following cipher suites for SSL
connection to a server by using HTTPS.
Redundant Provisioning Servers
The provisioning server can be specified as an IP address or as a fully qualified
domain name (FQDN). The use of a FQDN facilitates the deployment of redundant
provisioning servers. When the provisioning server is identified through a FQDN,
the ATA attempts to resolve the FQDN to an IP address through DNS. Only DNS
A-records are supported for provisioning; DNS SRV address resolution is not
available for provisioning. The ATA continues to process A-records until a server
responds. If no server associated with the A-records responds, the ATA logs an
error to the syslog server.
Table 1 Cipher Suites Supported for Connecting to an HTTPS Server
Numeric Code Cipher Suite
0x0039 TLS_DHE_RSA_WITH_AES_256_CBC_SHA
0x0035 TLS_RSA_WITH_AES_256_CBC_SHA
0x0033 TLS_DHE_RSA_WITH_AES_128_CBC_SHA
0x002f TLS_RSA_WITH_AES_128_CBC_SHA
0x0005 TLS_RSA_WITH_RC4_128_SHA
0x0004 TLS_RSA_WITH_RC4_128_MD5
0x0062 TLS_RSA_EXPORT1024_WITH_RC4_56_SHA
0x0060 TLS_RSA_EXPORT1024_WITH_RC4_56_MD5
0x0003 TLS_RSA_EXPORT_WITH_RC4_40_MD5
To Next Page
Loading...
Need help?
General
