I can not find any information if SHA-2 certificates are supported by snom phones.
One of our clients has difficulties with it. They have 184.108.40.206 UC firmware version on D715 phone.
Needless to say that all newer CAs are SHA-2 certificates.
So, my question is whether SHA-2 is supported or not? If not then when do you plan to add it?
Jan 27 14:32:34 [ERROR ] TLS: Unsupported signature alg 1.2.840.1135220.127.116.11 (unknownObjectIdentifier) in cert CN=sip.....ee,O=Some Company,L=Tallinn,ST=Harjumaa,C=EE
Jan 27 14:32:34 [ERROR ] TLS: Refusing connection due to Invalid or unknown Certificate
Jan 27 14:32:34 [FATAL ] PHN: tls.cpp (1685) str tls::get_digest(const str&, const str&, const str&): SNOM_ASSERT(mac_key.is_set()) failed
Jan 27 14:32:34 [FATAL ] PHN: aes.cpp (607) str Aes::Encrypt(const str&): SNOM_ASSERT(iv.is_set()) failed
Jan 27 14:32:34 [FATAL ] PHN: aes.cpp (620) str Aes::Encrypt(const str&): SNOM_ASSERT(iv.length() == blocksize) failed
Jan 27 14:32:34 [FATAL ] PHN: str.cpp (1393) str str::l_xor(const str&) const: SNOM_ASSERT(alen == blen) failedJan 27 14:32:34 [ERROR ] PHN: TPL: Socket Error: 2879/34/connected, Tls error, closing
SHA-2 support came in firmware 18.104.22.168 to all devices except for the Snom 300, 320, 360 and 370. I'm not sure about the UC firmware, but versions released after 22.214.171.124 came out in mid-2014 likely also have SHA-2 support.