I want Sangoma phones to auto-provision via https against
a provisioning-server. To achieve that, I need to add the Root Certificate
that has been used to derive the phones client-cert that the phone is using
to establish the HTTPS connection to the provisioning-server.
The root CA has the following issuer:
C = CA, ST = Ontario, O = Sangoma Corporation, OU = Provisioning, CN = Phone Signing Key (2016-2018), emailAddress = security(at)sangoma(dot)com
Is there any place this root cert can be downloaded?
Maybe I am missing something, but can you not just get a Free certificate from Let’s Encrypt? I am confused why you need a certificate signed by Sangoma. Of course, this is possibly true and I just don’t know the product well enough.
…let me clarify: when the sangoma phone connects to my provisioning server using https, the
server checks the certificate the phone provides when establishing the tls-connection against
a set of trusted roots. As I do not currently have the root cert that has been used by sangoma
to create the provisioning client certs that are stored in each phone, I cannot make sure that
the certificate chain is ok and the establishment of the tls connection fails…
@TobiasE I’m not able to get you an answer to this question immediately. If you want to ensure an answer from Sangoma, I would recommend opening a support case with us for this under the “Phone Hardware” category that way the issue doesn’t get buried.