41-001343-01 Rev 02, Release 3.2.2
2-7
HTTP/HTTPS Client and Server Support
The Aastra IP phones allow for HTTP request processing and associated data transfers to perform
over a secure connection (HTTPS). The IP phones support the following:
•
Transfer of firmware images, configuration files, script files, and web page content over a
secure connection.
•
Web browser phone configuration over a secure connection.
•
TLS 1.0or SSL 3.0 methods for both client and server
HTTPS Client
When an HTTPS client opens and closes its TCP socket, the SSL software respectively
handshakes upon opening and disconnects upon closing from the HTTPS server. The main HTTPS
client functions are:
•
Downloading of configuration files and firmware images.
•
Downloading of script files based on an “HTTPS://” URL supplied by a softkey definition.
HTTPS Server
The HTTPS server provides HTTP functionality over secure connections. It coexists with the
HTTP server but has its own set of tasks. The main HTTPS server functions are:
•
Delivery of web page content to a browser client over a secure connection.
•
Execution of HTTP GET and POST requests received over a secure connection
Non-Blocking HTTP Connections
The IP Phones support a non-blocking HTTP connection feature.
This feature allows the user to
continue using the phone when there is a delay during an HTTP connection while the
phone is waiting for the HTTP server to respond.
This feature also allows a user to abort the
connection and perform other operations on the phone (which will abort the HTTP connection
automatically). A user can also abort the HTTP loading by pressing the GOODBYE key while the
phone is displaying “Loading Page.......”.
Authentication Support for HTTP/HTTPS Download Methods for Broadsoft Client
Management System (CMS)
The IP Phones have authentication support per RFC 2617 when using HTTP or HTTPS as
download protocols. If a 5i Series phone is challenged by an HTTP or HTTPS server when the
server attempts to download the
aastra.cfg
file, the phone automatically sends "
aastra
" as the
default Username and Password back to the server. For more information about this feature, see
Chapter 5, the section,
“Authentication Support for HTTP/HTTPS Download Methods, used with
Broadsoft Client Management System (CMS)”
on
page 5-339
.
Note:
This feature impacts only the HTTP calls triggered by a phone key
(softkey or programmable key); the HTTP calls performed by action
URIs are still blocking.