Configuration Methods

HTTP/HTTPS Support

The Aastra Web UI supports both Hypertext Transfer Protocol (HTTP) and Hypertext Transfer Protocol over Secure Socket Layer (HTTPS) client and server protocols.

HTTP is the set of rules for transferring files (text, graphic images, sound, video, and other multimedia files) over the Inter- net. When you open your Web browser, you are indirectly making use of HTTP. HTTP is an application protocol that runs on top of the TCP/IP suite of protocols (the foundation protocols for the Internet).

HTTPS is a Web protocol that encrypts and decrypts user page requests as well as the pages that are returned by the Web server. HTTPS uses Secure Socket Layer (SSL) or Transport Layer Security (TLS) as a sublayer under its regular HTTP applica- tion layering. SSL is a commonly-used protocol for managing the security of a message transmission on the Internet. It uses a 40-bit key size for the RC4 stream encryption algorithm, which is considered an adequate degree of encryption for commercial exchange. TLS is a protocol that ensures privacy between communicating applications and their users on the Internet. When a server and client communicate, TLS ensures that no third party may eavesdrop or tamper with any mes- sage. TLS is the successor to SSL.

Note:

HTTPS uses port 443 instead of HTTP port 80 in its interactions with the TCP/IP lower layer. Both the HTTP and HTTPS port numbers are configurable using the configuration files, the IP Phone UI, the Aastra Web UI and DHCP Option 66. For more information about configuring these ports, see Chapter 4, the section, “Configuring the Configuration Server Protocol” on page 4-87.

HTTP/HTTPS Client and Server Support

The Aastra IP phones allow for HTTP request processing and associated data transfers to perform over a secure connection (HTTPS). The IP phones support the following:

Transfer of firmware images, configuration files, script files, and web page content over a secure connection.

Web browser phone configuration over a secure connection

TLS 1.0or SSL 3.0 methods for both client and server

HTTPS Client

When an HTTPS client opens and closes its TCP socket, the SSL software respectively handshakes upon opening and dis- connects upon closing from the HTTPS server. The main HTTPS client functions are:

Downloading of configuration files and firmware images

Downloading of script files based on an “HTTPS://” URL supplied by a softkey definition

HTTPS Server

The HTTPS server provides HTTP functionality over secure connections. It coexists with the HTTP server but has its own set of tasks. The main HTTPS server functions are:

Delivery of web page content to a browser client over a secure connection

Execution of HTTP GET and POST requests received over a secure connection

Non-Blocking HTTP Connections

The IP Phones support a non-blocking HTTP connection feature. This feature allows the user to continue using the phone when there is a delay during an HTTP connection while the phone is waiting for the HTTP server to respond. This feature also allows a user to abort the connection and perform other operations on the phone (which will abort the HTTP connec- tion automatically). A user can also abort the HTTP loading by pressing the GOODBYE key while the phone is displaying “Loading Page.......”.

Note:

This feature impacts only the HTTP calls triggered by a phone key (softkey or programmable key); the HTTP calls per- formed by action URIs are still blocking.

41-001343-02 REV04 – 05.2014

2-7

Page 81
Image 81
Aastra Telecom 41-001343-02 manual HTTP/HTTPS Support, HTTP/HTTPS Client and Server Support, Non-Blocking Http Connections