Auto Provisioning Failure since October due to the Expired Let's Encrypt ISRG Root X1 CA Cert on Yealink Phone

Applicability

  • Model: S-Series Cloud PBX, P-Series Cloud PBX
  • Firmware version: Any
  • IP Phone: Yealink and other brand phone use expired ISRG Root X1 CA cert

 

Symptom

  • Auto Provisioning failure since October 2021 for Yealink IP phone. 
  • Previously remote phonebook is working, but it starts to have phonebook update failure since October 2021 for Yealink IP phone. 
  • TLS registration failure since since October 2021 for Yealink IP phone.

 

Cause

In this article, we take Yealink IP phone as example.

The Yeastar Hosted Cloud PBX uses Let's Encrypt ISRG Root X1 domain valid certificate. However, the ISRG Root X1 CA certificates loaded on old version Yealink phone have been expired since Oct 6, 2021. 

mceclip0.png

This will make PBX reject the TLS handshake when doing HTTPS based provisioning processs.

 

Solution

Upgarde the Yealink phone to the latest version. Because the latest version will include the updated ISRG Root X1 CA certificate.

You can find the new it in the scroll down list. The expiration date has been updated to the year of 2035.

mceclip1.png

 

 

Have more questions? Submit a request

0 Comments

Please sign in to leave a comment.