Table of Contents
Advertisement
Creating Provisioning Scripts
Encrypting a File with the SPC
Encrypting a File with the SPC
Cisco Small Business IP Telephony Devices Provisioning Guide
Preencrypting configuration profiles offline with symmetric key encryption allows
the use of HTTP for resyncing profiles. The provisioning server uses HTTPS to
handle initial provisioning of IP Telephony devices after deployment. This feature
reduces the load on the HTTPS server in large scale deployments.
The final file name does not need to follow a specific format, but it is conventional
to end the name with the .cfg extension to indicate that it is a configuration profile.
The SPC can generate different types of configuration files by using different
types of encryption.
•
Generic, non-targeted CFG file, without an explicit key
•
Targeted (--target option), also encrypts the CFG file without an explicit key,
but uses the MAC address of the target IP Telephony device, and only that
device can decode it
•
Explicit key-based encryption of the CFG file.
Generic
A generic, non-targeted CFG file is accepted as valid by any IP Telephony device
that resyncs to it. The following command generates a basic CFG file:
spc spa962.txt spa962.cfg
This example compiles the plain-text spa962.txt file into the binary spa962.cfg file
understood by the SPA962. The --scramble option performs encryption that does
not require the explicit transmission of a key to the target device. It requires one
randomizing argument. For example,
spc --scramble SomeSecretPhrase spa962.txt spa962.cfg
The resulting encrypted spa962.cfg is accepted as valid by any IP Telephony
device that resyncs to it.
2
35
Advertisement
Table of Contents
