Yealink HTTPS Provistioning URL

Can anyone point me in the right direction on setting Yealink phones to use HTTPS for the autoprovisioning URL instead of HTTP in the provisioning module? I found the setting on Fanvil phones under ‘Flash Protocol:’ on the the custom tab and that works fine but I can’t find a similar way to make the change for the Yealink phones.

Is everyone just provisioning over HTTP instead of a secured protocol? Seems like a bad idea.

Redirect HTTP to HTTPS.

I don’t see any options in Vital to redirect HTTP to HTTPS. Is that something that has to be done outside of Vital or am I missing a setting somewhere?

Edit:
I set up the system right from the beginning to force HTTPS under Admin>System Settings>HTTP Server but phones seem to still provision using HTTP even with that setting enabled. I can force HTTPS on the Fanvil phones provisioning template but don’t see where I can do that with Yealkink phones.

If you setup the redirection, the phone will still say http, but it will communicate over https. Try it!

After knowing you in the forum you are quite a security guy. Why are you now suggesting http?
Should there not be a https solution?
Let me understand, please.

Please don’t put words in my mouth. Please read again what I posted.

If you redirect HTTP to HTTPS, the provisioning will happen on HTTPS.

Yes, it’s best if you get the phone to natively try https, but if you are pulling your hair out trying to figure it out, simply do the redirect and the results will be exactly the same.

I hear security concerns and a question about HTTPs instead of HTTP.

Did not put any words in your mouth.

Show me where I suggested that he should use HTTP provisioning.

You are missing the ENTIRE point here. If you are redirecting, then you are using HTTPS.

So credentials are save when redirected from http to https?

Then you are right, would be a good solution for him.

What credentials are you referring to?

Username and password for provisioning.

As far as I can tell, OP didn’t mention anything about http auth.

Regardless, if you don’t like the solution and have a better one, please share it.

1 Like

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.