We have our phones find the provisioning server by using DHCP option 66. They properly pull the initial cfg over https, but inside the cfg, all of the url’s for firmware, background images etc are http only. I manually edited the cfg to all https and the phone properly provisioned everything over https.
How do I get EPM (commercial) to write the cfg with https requests? I have tried going to system admin->Port management and disabling port 84 (http provisioning) leaving only https (port 1443).
But now in EPM when I try to rebuild the phone config I get an error:
“Selected template[‘template’] requested provisioning protocol ‘hpro’ is not enabled. Please either enalbe ‘hpro’ in System Admin module or change protocol in template.”
hpro? Not sure what that one is, nor can I find a reference to it in the System Admin module.
Yealink SIP-T48S. I’ve verified the phone itself will support all https requests by manually editing the cfg file. But obviously the template will overwrite this the next time the configs are written.
You can get HTTPS to work by using custom instead of selecting http/tftp and it works for newer Yealinks but the older ones it doesn’t work for, older than t28
Wish I could give a “solved” to both of you. But you’re correct, using a custom provisioning URL worked. I verified by running tcpdump on both port 84 and 1443 while provisioning a new phone and by looking at the contents of the .cfg.
Fortunately all our phones are SIP-T48S and SIP-T49G, so they both support all https.