Trust on first use
The phones support the following Trust on first use scenarios:
-
A new, out of the box phone, or a phone after resetting to default, that attempts to connect to the provisioning server using TLS.
-
The provisioning server presents its identity certificate, but the phone does not have any CA Certificates configured.
-
The phone will accept the presented server identity certificate given the above Server certificate validation passes except for the trust CA certificate chain validationNote:Trust on first use only applies to a TLS connection to a provisioning server, it does not apply to services such as SIP, LDAP or Syslog,and others.