Firmware Upgrading; Figure 24: Gxv33Xx Firmware Upgrade Configuration - Grandstream Networks GXV3370 Security Manual

Import Trusted CA
Certificates
Trusted CA Certificates
User Certificate
Add Certificate
Custom Certificate
Import Custom
Certificate
Custom Certificate

Firmware Upgrading

Similar to configuration file provisioning, GXV3370/GXV3380/GXV3350 supports downloading firmware file
via HTTP/HTTPS/TFTP. The firmware file is encrypted and GXV33XX ensures only authentic, signed and
untampered firmware file can run. Here are the recommended settings for firmware downloading.
Firmware Upgrade Mode: HTTPS.
-
HTTPS is recommended so the traffic is encrypted while travelling through the network.
HTTP/HTTPS User Name and Password:
-
This can be set up as required on the provisioning server when HTTP/HTTPS is used. Only when the
GXV33XX has the correct username and password configured, it can be authenticated by the firmware
server and the firmware file will be downloaded.
Validate Certificate Chain:
-
This configures whether to validate the server certificate when downloading the firmware/config file. If
set to "Yes", the phone will download the firmware/config file only from the legitimate server.
Note: Firmware process uses the same certificates upload path as the configuration file provision.
Allows to upload the CA Certificate file to phone.
Lists trusted CA certificates previously uploaded. Administrator can
delete a certificate from here.
Allows to upload & Install User Certificate file to phone.
Allows to upload a Custom Certificate file to phone.
Lists trusted Custom Certificate previously uploaded. Administrator can
delete a certificate from here.

Figure 24: GXV33XX Firmware Upgrade Configuration

GXV33XX Security Guide
P a g e | 21