TLS handshake overview
Initially, when a client wants to establish a secure connection to a server, some parameters are negotiated, this phase is called the handshake procedure. One of these parameters is the supported cipher suites defining the encryption algorithms required to encrypt the traffic. In a next step, the server sends a digital certificate that contains its public encryption key, the trusted certificate authority (issuer) and a signature of the certificate.
The client may reject the connection if the identity of the server or the issuer is unknown. Usually, the client has a list of trusted server certificates and a list of trusted certificate authorities (CA). If the server certificate is considered trusted or if the identification from the server is signed by one of these CAs, the client typically permits the connection and delivers a random number encrypted with the server's public key to the server. As only the server can decrypt this number with its private key, it is used as the session key to encrypt and decrypt the traffic.
Optionally the server can "ask" the client for the certificate. In that case the client must send a TLS certificate. Now the server can authenticate or deny the request based on the client certificate.
If the identification from the server is signed by one of these CAs, the client typically permits the connection and delivers a random number encrypted with the server's public key to the server. As only the server can decrypt this number with its private key, it is used as the session key to encrypt and decrypt the traffic.
Your phone acts as a TLS client in various cases:
- SIP connections with TLS as transport protocol
- Provisioning requests
- Action URL HTTPs requests
- HTTPS requests to an URL triggered by function keys
- Minibrowser applications served by an HTTPS server
- LDAP server providing the business contacts
When TLS is used a mutual authentication of the client and the server can be performed by the phone and the server.
Setting-Up the phone for TLS
The built-in certificate
Every Snom phone (except the old 3xx series) is produced with a built-in TLS certificate on board.
Every device certificate is issued by the Snom Certification Authority. The built-in certificate contains the the device MAC address into the DN x.509 attribute.
Thanks to the built-in certificate, a server using the TLS protocol can:
- verify the issuer of the certificate, checking the certificate signature against the Snom CA: in other words the server can make sure that the request comes from a Snom phone
- verify the DN of the client certificate, checking the MAC within the offered certificate and the requested resource. The server can authorise the specific device to the resource
Uploading the Phone Certificate
In fact, no special configuration is required. Every out-of-the-box Snom phone has a certificate built-in to the firmware along with its private key. You can retrieve this certificate by pointing your browser to your phone's web interface via secure HTTP (HTTPS). Usually you will have to confirm that you trust this identification since your browser could not identify your phone. After confirming, your connection to the web interface will be encrypted.
You can also specify your own client certificate in the webserver_cert setting. In this case, make sure you are provisioning the certificate and the key in a trusted environment, see below how to provision a custom certificate.
Authentication of the devices
The TLS server can be configured to check the client identity via the TLS authentication: as described into the previous section, during the TLS handshake, the server asks the client for the certificate. The Snom phone will send the built-in certificate, now the server can check the issuer of the client certificate and permit or deny the request.
Since device MAC address is mentioned into the built-in certificate CN, the web server can also authorize or deny the request based on the requested URL and the presented client certificate.
In order to configure the client authentication, you will need to import the Snom Certification Authority certificates into your TLS server.
Starting with fw 18.104.22.168 and 10.1.x we support the SHA-2 algorithm, new phone models are already equipped with a SHA-2 built-in certificate. In case you are using devices with SHA-2 certificate you will need to import also the Snom SHA-2 CA public certificate.
|Phone model||Supported Hash algorithm||Built-in certificate|
|Snom D120||SHA-1, SHA2||SHA-2|
|Snom 710 / D710||SHA-1, SHA-2 (fw >= 22.214.171.124)||SHA-1|
|Snom 715 / D715||SHA-1, SHA2 (fw >= 126.96.36.199)||SHA-1|
|Snom D712||SHA-1, SHA2 (fw >= 188.8.131.52)||SHA-1|
|Snom 720||SHA-1, SHA2 (fw >= 184.108.40.206)||SHA-1|
|Snom 760||SHA-1, SHA-2 (fw >= 220.127.116.11)||SHA-1|
|Snom D725||SHA-1, SHA2 (fw >= 18.104.22.168)||SHA-1|
|Snom D735||SHA-1, SHA2||SHA-2|
|Snom D745||SHA-1, SHA2 (fw >= 22.214.171.124)||SHA-1|
|Snom D765||SHA-1, SHA2 (fw >= 126.96.36.199)||SHA-1|
|Snom D785||SHA-1, SHA2||SHA-2|
|Snom D305||SHA-1, SHA2 (fw >= 188.8.131.52)||SHA-1|
|Snom D315||SHA-1, SHA2 (fw >= 184.108.40.206)||SHA-1|
|Snom D345||SHA-1, SHA2 (fw >= 220.127.116.11)||SHA-1|
|Snom D375||SHA-1, SHA2 (fw >= 18.104.22.168)||SHA-1|
|Snom D385||SHA-1, SHA2||SHA-2|
The following devices: 300, 320, 370, PA1 and MP are produced with a common Snom certificate, so the built-in certificate isn't unique per-device and doesn't mention the MAC address into the CN
Upgrade to SHA-2
Upgrading a SHA-1 native device to SHA-2 requires a firmware patch specific per device, this patch contains the SHA-2 certificate and must be requested to the Snom tech support.
Snom Certification Authority public certificates
From the following links you can download:
As SHA1 gets widely deprecated and SHA2 becomes more and more the standard, support for it is getting mandatory in real world deployments.
SHA-2 Snom root CA support starts with v22.214.171.124 and v10.1.X.
- Version 8.x
In version 8.x, you do not need to worry about the server identification. Snom phones do not verify server identities by default. Starting with FW version 8.2.30 you can enable a setting to require verification of server certificates though. You can activate the feature on the certificates page of the web interface:
- Version 10.x
As of version 10.x, Snom has decided to force the server identity verification. This verification cannot be disabled because that would create a security weakness for the Snom Phones.
In addition to the server certificate a phone can also verify the identity of the server checking if the certificate DN matches the server name FQDN. This can be done via the setting check_fqdn_against_server_cert. The behaviour of the server name validation can be modified via the setting host_name_validation_flags.
Adding Unknown Certificates
The phone will reject a connection if it cannot verify the identification with the certificate delivered by the server. If this happens, the following notification will appear on the screen:
A certificate is trusted if its signature is signed by a certificate authority. Snom has pre-installed a list of CAs which are listed on the Certificate Authorities tab of the Certificates page. This list is automatically updated based on the Mozilla official list, at every new firmware upgrade.
All rejected certificates are listed in the Unknown Certificates tab. If you want to permanently trust a certificate you can add it as an exception:
After adding it as an exception in the Server Certificates tab a connection from a peer using this certificate will no longer be rejected.
Manually Uploading Certificates
In admin mode, you can manually upload certificates signed by one of the phone’s accepted authorities or server certificates in the Unknown Certificates tab. Every attempt to upload an unknown certificate will fail. In case of upload failures, please refer to the log and make sure your certificate is in DER format and is signed by one of phone's authorities or server certificates.
Uploading Server Certificates via Provisioning
You can upload a server certificate using auto provisioning. For this, the download link to the certificate needs to be placed within the XML.
The certificates settings (<certificates> tag) contains the trusted server certificates. This XML tag can be used either inside the <settings> tag or as an individual XML file whose URL is listed inside <setting-files> tag
The tag contains an attribute with the URL of the certificate file to fetch:
Please note that the download of the certificate is delayed after all provisioning xml files have been loaded and processed.
Beginning with firmware release 126.96.36.199/188.8.131.52 a second variant of this tag is supported, where the content of the certificate file is included as a base64 encoded string:
The benefit of this variant is that the certificate is immediately available after processing the line in the provisioning XML.
You can get the base64 encoded certificate out of the PEM format, removing the BEGIN / END taglines:
If you decide to provide the download link(s) in an additional XML file, this is how it could look like:
The attributes url and base64 can be combined in the same file, as the following example:
All provisioned certificates need to be signed by one of the phone's server or authority certificates (this restriction was removed starting with firmware revisions 184.108.40.206/220.127.116.11). Make sure the supplied certificates are in DER format.
Phone's Web Server Certificate
The phone uses the built-in certificate also as a certificate for the web user interface when accessed via HTTPS. Currently Snom phones come with SHA1(RSA, 1024 bit key length) or SHA2(RSA, 2048 bit key length) certificates.
Starting from firmware 18.104.22.168 it is possible to switch the certificate via the setting phone_cert_type to a SHA256 certificate .
Supported Cipher Suites
|Phone||Firmware||Protocol Version||Key Exchange||Authentication||Block Cipher||Key Length|
|Mode of Operation||Message Authentication Code||Notes|
|snom300||22.214.171.124.9||SSL 3, TLS 1.0||DH, RSA||NULL, RSA||3DES, DES, NULL, RC4||56, 128, 168||CBC||MD5, SHA1||Firmware version not|
supported anymore (EoL).
It is highly recommended to
upgrade to a higher version.
|snom300||126.96.36.199||TLS 1.0||DH, RSA||NULL, RSA||3DES, AES, DES, NULL, RC4||56, 128, 168||CBC||MD5, SHA1||* Since firmware version 188.8.131.52|
the snom710 has the same
TLS-properties as the snom715
* Starting with version 184.108.40.206
3DES, DES, NULL and RC4
have been removed from the
supported block ciphers.
|snom715||TLS 1.0, TLS 1.1,|
|DH, ECDH, RSA, SRP||DSS, ECDSA, RSA||3DES, AES, Camellia||128, 168, 256||CBC, GCM||SHA1, SHA256, SHA384|
|snomD305||220.127.116.11||TLS 1.0, TLS 1.1,|
|DH, ECDH, RSA||ECDSA, RSA||AES||128, 256||CBC, GCM||SHA1, SHA256, SHA384|
|TLS 1.0, TLS 1.1,|
|DH, ECDH, RSA||ECDSA, RSA||AES||128, 256||CBC, GCM||SHA1, SHA256, SHA384|
- No support of Certificate Revocation Lists (CRL).
- No support for Certificate Lifecycle Management (e.g. SCEP).