Redundant Provisioning Servers; Syslog Server - Cisco 6800 Series Provisioning Manual
Multiplatform phones
Hide thumbs
Also See for 6800 Series:
- Administration manual (358 pages) ,
- User manual (222 pages) ,
- Hardware installation (20 pages)
Table of Contents
Advertisement
In-House Preprovisioning and Provisioning Servers
unique client certificate. In the case of a generic certificate, it is possible to obtain the serial number of the
unit from the HTTP request header in the User-Agent field.
HTTPS servers can be configured to request SSL certificates from connecting clients. If enabled, the server
can use the Sipura CA Client Root Certificate that Cisco supplies to verify the client certificate. The server
can then provide the certificate information to a CGI for further processing.
The location for certificate storage may vary. For example, in an Apache installation, the file paths for storage
of the provisioning server-signed certificate, its associated private key, and the Sipura CA client root certificate
are as follows:
# Server Certificate:
SSLCertificateFile /etc/httpd/conf/provserver.crt
# Server Private Key:
SSLCertificateKeyFile /etc/httpd/conf/provserver.key
# Certificate Authority (CA):
SSLCACertificateFile /etc/httpd/conf/spacroot.crt
For specific information, refer to the documentation for an HTTPS server.
The Cisco Client Certificate Root Authority signs each unique certificate. The corresponding root certificate
is made available to service providers for client authentication purposes.
Redundant Provisioning Servers
The provisioning server can be specified as an IP address or as a Fully Qualified Domain Name (FQDN). The
use of an FQDN facilitates the deployment of redundant provisioning servers. When the provisioning server
is identified through an FQDN, the phone attempts to resolve the FQDN to an IP address through DNS. Only
DNS A-records are supported for provisioning; DNS SRV address resolution is not available for provisioning.
The phone continues to process A-records until a server responds. If no server that is associated with the
A-records responds, the phone logs an error to the syslog server.
Syslog Server
If a syslog server is configured on the phone through use of the <Syslog Server> parameters, the resync and
upgrade operations send messages to the syslog server. A message can be generated at the start of a remote
file request (configuration profile or firmware load), and at the conclusion of the operation (indicating either
success or failure).
The logged messages are configured in the following parameters and macro expanded into the actual syslog
messages:
• Log_Request_Msg
• Log_Success_Msg
• Log_Failure_Msg
Cisco IP Phone 6800 Series Multiplatform Phones Provisioning Guide
HTTPS Provisioning
43
Advertisement
Table of Contents
