I have a Cisco CP-7841 working using UDP/RTP to my FreePBX 15.0.16.73/Asterisk 17.4.0 server.
I want to use TLS/SRTP.
I have reviewed this list https://www.cisco.com/c/dam/en/us/td/docs/voice_ip_comm/cuipph/all_models/ca-list/CA-Trust-List.pdf and installed a certificate from Godaddy on my FreePBX server.
I have configured my PJSIP channel settings to use my Godaddy cert, tls - 0.0.0.0 = yes, SSL method = default. I have configured an extension transport = 0.0.0.0-tls, media encryption = SRTP via in-SDP, Allow Non-Encrypted Media = No.
I configured my CP-7841 SIP Transport = TLS, SIP port = 5061
My Zoiper Softphone connects using TLS/SRTP.
My Cisco CP-7841 never registers.
Are you running the latest firmware from Cisco on the phone?
To be honest you probably would get more help with a different model phone such as a Polycom. Used ones of those are readily and cheaply available and there are TLS/SRTP configs on the Internet for them.
The people here seem to have a real dislike of Cisco.
I use Cisco phones myself (not your model, older models) on my FreePBX system and have been told innumerable times that they don’t work at all (untrue) or work poorly (also untrue)
Otherwise you can just buy a service agreement on your phone and have TAC fix the problem.
You can probably ebay that 3PCC phone for $80 used thus making it almost an even trade-in on the cost. I get it sometimes it’s just not worth banging your head against the wall on these stupid phones. I have seen so many sweet deals on used VoIP gear that I’ve just walked on by. My one attempt with an “orphan” was with an RCA voip phone. I got it to work -finally- more as a he-man masters of the universe thing. But it’s difficulty in figuring out was only eclipsed by it’s crappiness as an instrument and it’s in a box somewhere right now…