Aastra 9000i Series Administrator's Manual page 75

Using HTTPS via the Aastra Web UI
HTTPS is enabled by default on the IP phones. When you open a browser window and enter an
IP address or host name for a phone using HTTP, a server redirection occurs which
automatically converts an HTTP connection to an HTTPS connection. After the redirection, a
"Security Alert" certificate window displays alerting the user that information exchanged with
the phone cannot be viewed or changed by others. Accepting the certificate then forwards you to
the phone's Web UI.
Reference
For more information on configuring the HTTPS protocol, see Chapter 4, the sections:
• "Configuring the Configuration Server Protocol"
• "HTTPS Client/Server Configuration"
2-8
Notes:
1. The private key and certificate generate outside the phone and embed
in the phone firmware for use by the HTTPS server during the SSL
handshake.
2. Using the configuration files, the IP phone UI, or the Aastra Web UI,
you can configure the following regarding HTTPS:
- Specify HTTPS security client method to use (TLS 1.0 or SSL 3.0)
- Enable or disable HTTP to HTTPS server redirect function
- HTTPS server blocking of XML HTTP POSTS to the phone
on page 4-104
on page 4-41
41-001343-01 Rev 02, Release 3.2.2