communicate, TLS ensures that no third party may eavesdrop or tamper with any message.
TLS is the successor to SSL.
Note: HTTPS uses port 443 instead of HTTP port 80 in its interactions with the TCP/IP
lower layer. Both the HTTP and HTTPS port numbers are configurable using the
configuration files, the IP Phone UI, the Mitel Web UI and DHCP Option 66. For more
information about configuring these ports, see Chapter 4, the section,
Configuration Server Protocol"
HTTP/HTTPS CLIENT AND SERVER SUPPORT
The Mitel IP phones allow for HTTP request processing and associated data transfers to perform
over a secure connection (HTTPS). The IP phones support the following:
•
Transfer of firmware images, configuration files, script files, and web page content over a
secure connection.
•
Web browser phone configuration over a secure connection
•
TLS 1.0 or SSL 3.0 methods for both client and server
The following TLS 1.0 and SSL 3.0 ciphers and cipher suites are supported by the phone:
CIPHER
AES128
AES256
CAMELLIA128
CAMELLIA256
DES
DHE
EDH
RC4
SEED
HTTPS Client
When an HTTPS client opens and closes its TCP socket, the SSL software respectively
handshakes upon opening and disconnects upon closing from the HTTPS server. The main
HTTPS client functions are:
•
Downloading of configuration files and firmware images
•
Downloading of script files based on an "HTTPS://" URL supplied by a softkey definition
on
page
4-99.
CIPHER SUITES
AES128-SHA
AES256-SHA
CAMELLIA128-SHA
CAMELLIA256-SHA
DES-CBC-SHA, DES-CBC3-SHA
DHE-DSS-AES128-SHA, DHE-DSS-AES256-SHA,
DHE-DSS-CAMELLIA128-SHA, DHE-DSS-CAMELLIA256-SHA,
DHE-DSS-SEED-SHA, DHE-RSA-AES128-SHA,
DHE-RSA-AES256-SHA, DHE-RSA-CAMELLIA128-SHA,
DHE-RSA-CAMELLIA256-SHA, DHE-RSA-SEED-SHA
EDH-DSS-DES-CBC3-SHA, EDH-DSS-DES-CBC-SHA,
EDH-RSA-DES-CBC3-SHA, EDH-RSA-DES-CBC-SHA
RC4-MD5, RC4-SHA
SEED-SHA
2-6
Configuration Methods
"Configuring the