Procedure To Encrypt Configuration Files - Yealink SIP-T48G Administrator's Manual

For security reasons, administrator should upload encrypted configuration files,
<y0000000000xx_Security>.enc and/or <MAC_Security>.enc files to the root directory
of the provisioning server. During auto provisioning, the IP phone requests to download
<y0000000000xx>.cfg file first. If the downloaded configuration file is encrypted, the IP
phone will request to download <y0000000000xx_Security>.enc file (if enabled) and
decrypt it into the plaintext key (e.g., key2) using the built-in key (e.g., key1). Then the IP
phone decrypts <y0000000000xx>.cfg file using key2. After decryption, the IP phone
resolves configuration files and updates configuration settings onto the IP phone
system.
The way the IP phone processes the <MAC>.cfg file is the same to that of
the<y0000000000xx>.cfg file.

Procedure to Encrypt Configuration Files

To encrypt the <y0000000000xx>.cfg file:
1. Double click "Config_Encrypt_Tool.exe" to start the application tool.
The screenshot of the main page is shown as below:
When you start the application tool, a file folder named "Encrypted" is created
automatically in the directory where the application tool is located.
2. Click Browse to locate configuration file(s) (e.g., y000000000044.cfg) from your
local system in the Select File(s) field.
To select multiple configuration files, you can select the first file and then press and
hold the Ctrl key and select the next files.
3. (Optional.) Click Browse to locate the target directory from your local system in the
Target Directory field.
The tool uses the file folder "Encrypted" as the target directory by default.
4. (Optional.) Mark the desired radio box in the AES Model field.
If you mark the Manual radio box, you can enter an AES key in the AES KEY field or
click Re-Generate to generate an AES key in the AES KEY field. The configuration
file(s) will be encrypted using the AES key in the AES KEY field.
Configuring Security Features
733