Create an account on the HP Community to personalize your profile and ask a question
05-23-2022 07:04 AM
We use a Poly RPRM to provision our phones,
They are running the firmware versionx 6.2.23.0304 - 7.1.x
We renewed the expiring RPRM certificate with the Intermediate DigiCert TLS RSA SHA256 2020 CA1 (serial 06d8d904d5584346f68a2fa754227ec4) signed by the DigiCert Global Root CA (serial 083be056904246b1 a1756ac95991c74a).
And now the phones stopped trusting the SubCA and are unable to upload logs and download the configurations.
The current workaround is to manual access the phone WebUI and upload the SubCA
05-23-2022 09:56 AM
Do you use a DHCP option to point the phones to RPRM?
If yes simply change this to HTTP instead and reboot the phones. Once the new CFG is loaded reboot the phone after changing the DHCP option back to HTTPS.
If this fails look at the REST API and push the changed cert via that
Jun 05, 2018 Question: Do Poly Phones support a REST API?
Resolution: Please => here <=
Notice: I am an HP Poly employee but all replies within the community are done as a volunteer outside of my day role. This community forum is not an official HP Poly support resource, thus responses from HP Poly employees, partners, and customers alike are best-effort in attempts to share learned knowledge. If you need immediate and/or official assistance please open a service ticket through your support channels.
Please also ensure you always check the General VoIP , Video Endpoint , UC Platform (Microsoft) , PSTN
05-23-2022 10:48 AM
Thanks for getting the post out of the SPAM filter 🙂
All was in great shape and cool plug-and-use.
DHCP options on all locations, RPMR providing the configurations... until the day I renewed the certificate and this new intermediate CA trashed my day.
Now we cannot factory reset a phone or it will not be able to connect to the RPRM (HTTP is out of the question for this customer CISO)
I have support for the phones, so I opened a case.
05-24-2022 07:21 AM
The most weird fix of all time.
After replacing the RPRM to the new certificate (provided by a new Intermediate CA from Digicert) the phones were not able to download the configurations and upload logs to the RPRM. The logs showed clearly a 'CA not trusted' and only worked if I manually add the Intermediate CA to the Phone.
I just uploaded the Intermediate CA that issue the old certificate to the RPRM and now the phones can connect to the RPRM and the logs show that they Trust the certificate issued by the new Intermediate CA....