Cisco Unified IP Phone Security Problems
The following sections provide troubleshooting information for the security features on the Cisco Unified IP Phone.
CTL File Problems
The following sections describe problems with the CTL file:
Authentication Error, Phone Cannot Authenticate CTL File
Problem
A device authentication error occurs.
Cause
CTL file does not have a Cisco Unified Communications Manager certificate or has an incorrect certificate.
Solution
Install a correct certificate.
Phone Cannot Authenticate CTL File
Problem
Phone cannot authenticate the CTL file.
Cause
The security token that signed the updated CTL file does not exist in the CTL file on the phone.
Solution
Change the security token in the CTL file and install the new file on the phone.
CTL File Authenticates but Other Configuration Files Do Not Authenticate
Problem
Phone cannot authenticate any configuration files other than the CTL file.
Cause
A bad TFTP record exists, or the configuration file may not be signed by the corresponding certificate in the phone Trust List.
Solution
Check the TFTP record and the certificate in the Trust List.
ITL File Authenticates but Other Configuration Files Do Not Authenticate
Problem
Phone cannot authenticate any configuration files other than the ITL file.
Cause
The configuration file may not be signed by the corresponding certificate in the phone Trust List.
Solution
Re-sign the configuration file by using the correct certificate.
Phone Does Not Register
Problem
Phone does not register with Cisco Unified Communications Manager.
Cause
The CTL file does not contain the correct information for the Cisco Unified Communications Manager server.
Solution
Change the Cisco Unified Communications Manager server information in the CTL file.
Signed Configuration Files Are Not Requested
Problem
Phone does not request signed configuration files.
Cause
The CTL file does not contain any TFTP entries with certificates.
Solution
Configure TFTP entries with certificates in the CTL file.