ip touch 4038 - problem with certificate download

[cavagnaro]

Yeah but a certificate can have many encryption methods. What if he created a one in wrong format?

[tot3nkopf]

Yeah but a certificate can have many encryption methods. What if he created a one in wrong format?

That would be a problem when activating the certificate in my view, not when downloading...

[cavagnaro]

The error says Bad File Content so for me can be that he downloaded the certificate but is not able to understand/open it...Wireshark on pc port maybe?

[tot3nkopf]

I tried but no changes...

The thing is, when i start the download manually it works!

Were you able also to activate the downloaded certificate or just download it manually?

[marc_bo]

When I start the download manually, i can use/activate the certificate. --> 802.1x Auth. is succesfull.

But what is the right encryption method for the certificate?

When the certificate will downloaded automatically, who I have to activate it? When the ip phone boots up?

I understand that the certificate can be downladed automatically:

[tot3nkopf]

It is not clear --> it is mentioned that the download can be automated, however no mention about automatic activation of the certificate...

[krzysioD]

Stuck on very same think.
Any luck there?

[tot3nkopf]

Stuck on very same think.
Any luck there?

I did not test this yet (busy with other stuff). The method to upload the certificate by url is considered anyway highly unsecured in our environment...
In which part are you stuck Krzysztof? Automatic activation?

[krzysioD]

Yeap.
or to go to some simple solution: may i turn off the 802.1X globally on all of ip phones NOT by going into every iptouch menu?

[cavagnaro]

For Activation you should modify URL path with the url where the certificate (pkcs12) is. Generated by your CA if using Win2008 or superior. Alcatel embeded certs are only 2003 compliant.
The activation (query) then will happen as proper of the 802.1x protocol.

For global maybe do it via telnet on the iptouch?