Table of Contents
Advertisement
Provisioning Tutorial
Profile Formats
STEP 1
STEP 2
STEP 3
STEP 4
STEP 5
Cisco Small Business IP Telephony Devices Provisioning Guide
Upon resync, the new file is downloaded by the IP Telephony Device and used to
update its parameters.
The file size of such a small profile is not reduced by gzip. Compression is only
useful with larger profiles.
For integration into customized back-end provisioning server solutions, the open
source zlib compression library can be used in place of the standalone gzip utility
to perform the profile compression. However, the IP Telephony Device expects the
file to contain a valid gzip header.
Profile Encryption
A compressed or uncompressed profile can be encrypted. This is useful when the
confidentiality of the profile information is of particular concern, such as when
using TFTP or HTTP for communication between the IP Telephony Device and the
provisioning server.
The IP Telephony Device supports symmetric key encryption by using the 256-bit
AES algorithm. This encryption can be performed by using the open source
OpenSSL package.
Exercise
Install OpenSSL on a local PC.
This might require recompilation to enable AES.
Starting from the XML profile in basic.txt, generate an encrypted file with the
following command:
openssl enc –aes-256-cbc –k MyOwnSecret –in basic.txt –out basic.cfg
The compressed basic.txt.gz file could be used instead because the XML profile
can be both compressed and encrypted.
Store the encrypted file basic.cfg in the TFTP server virtual root directory.
Modify the Profile_Rule on the test device to resync to the encrypted file in place
of the original XML file. The encryption key is made known to the IP Telephony
Device with the following URL option:
[--key MyOwnSecret ] tftp://192.168.1.200/basic.cfg
Click Submit All Changes.
3
76
Advertisement
Table of Contents
