Hi Steffen Baier,
The link to the givn thread is already solved. I did accept the solution for the thread however for further comments down in the thread, "accept as solution" option does not come.
we found some workaroud and and that is why we did not raise any ticket. (I cant recall the workaroud at this point).
Answering you questions inline below:
For your new issue what is it that you are trying to archive?
[Arvind] Our provisioning server runs only on HTTPS. For the phones to accept HTTPS provisioning url, we need to install provisioning server's certificte in phone's CA which We dont want to do in all the phones. Thats why we want to diable server's ceritificate authorization in the phone.
What Phone models are you after this for this feature?
[Arvind] We are using SPIP450, VVX500.
The only place for something similar can be found Settings > Network > TLS > TLS Applications > Common Name Validation
[Arvind] I have tried disabling this for both SIP and Provisioning but it still TLS handshake failure with follwoing error.
SSL_connect error SSL connect error.error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure
In this thread, you have suggested that strictCertCommonNameValidation Parameter(Common Name Validation) which will only ignore the commonName/ SubjectAltName verification on server certificate in the SIP TLS negotiation and will not disable the CA validation.
So it seems according to what i understand is disabling Common Name Validation will not disable CA validation in phone.
Please let me know if there is a way to achieve this.
Thanks,
Arvind
