We are normal, try to stay as stock as possible, FreePBX users with many PBXes. We are a Yealink shop, with a few T28 and T38 phones, lots of T4xG phones, and quite a few newer T5x phones.
We have been using Comodo for SSL certs for many years in many applications. Comodo sold out to Sectigo. Sectigo is not a trusted cert for any Yealink phone.
We then started using Let’s Encrypt. Works fine on T5X phones, not so much on T4X phones. The T4X phone’s firmware will never be updated again and does not support Let’s Encrypt X3.
From who should I buy SSL certs? Want to be cost effective, we will need to buy a wildcard cert. Want it trusted by Yealink phones (that is the hardest) as well as all browsers, etc. I know the Yealink list is out there, just looking for advice as the Yealink list of SSL providers that are supported is long (and misleading as they say they support Let’s Encrypt X1 and X2, which are EOLed, so they do not support LE based on the fact they do not support LE X3).
Advice appreciated!!