Specifications
Administrator’s Guide for SIP-T2xP IP Phones
216
For security, administrator should upload encrypted configuration files,
<y0000000000xx_Security>.enc and/or <MAC_Security>.enc files to the root directory of
the provisioning server. During auto provisioning, the IP phone requests to download
<y0000000000xx>.cfg file first. If the downloaded configuration file is encrypted, the
phone will request to download <y0000000000xx_Security>.enc file (if enabled) and
decrypt <y0000000000xx>.cfg file into the plaintext key (e.g., key2) using the built-in key
(e.g., key1). Then the IP phone decrypts <y0000000000xx>.cfg file using key2. After
decryption, the IP phone resolves configuration files and updates configuration settings
onto the IP phone system.
The way the IP phone processes the <MAC>.cfg file is the same as the
<y0000000000xx>.cfg file.
Procedure to Encrypt Configuration Files
To encrypt the <y0000000000xx>.cfg file:
1. Double click “Config_Encrypt_Tool.exe” to start the application tool.
The screenshot of the main page is shown as below:
2. Click Browse to locate configuration file(s) (e.g., y000000000000.cfg) from your
local system in the Select File(s) field.
To select multiply configuration files, you can select the first file and then press and
hold the Ctrl key and select the next files.
3. (Optional.) Click Browse to locate the target directory from your local system in the
Target Directory field.
4. (Optional.) Mark the desired radio box in the AES Model field.
If you mark the Manual radio box, you can enter an AES key in the AES KEY field or
click Re-Generate to generate an AES key in the AES KEY field. The configuration
file(s) will be encrypted using the AES key in the AES KEY field.
If you mark the Auto Generate radio box, the configuration file(s) will be encrypted
using random AES key. The AES keys of configuration files are different.
Note
AES keys must be 16 characters and the supported characters contain: 0 ~ 9, A ~ Z, a ~ z.