D-Series telephones and the Switchvox Mobile Softphone possess an embedded certificate that is used to encrypt their communications with a Sangoma phone system server. The certificate will expire on Friday, May 28, 2021 at 4:45:20pm EDT (GMT -5). If this certificate is invalid, D-Series phones and the Switchvox Mobile softphone are unable to provision against any Switchvox or DPMA-equipped system. There is no in-place mechanism for remotely forcing an update on a server that will provide remediation.
What is Affected?
- All released versions of Switchvox that support D-Series telephones and/or the Switchvox mobile softphone including versions 5.5 through 7.6.1.
- FreePBX and PBXact systems using the deprecated “Digium Phones Add-On for FreePBX”
- FreePBX and PBXact systems using the “DPMA” option for Endpoint manager
- All released versions of DPMA used with open source Asterisk.
Sangoma has produced new versions of DPMA, Proxy, D-Series telephone firmware, and Switchvox mobile softphone that remediate the problem. Administrators (except Switchvox Cloud and PBXact UCC) MUST take action prior to the expiration date. For Switchvox users on 7.x, the new firmware is included in Switchvox version 7.6.2. For Switchvox users on 6.x or 5.x, the new releases are 6.8 and 5.12 respectively.
Steps to Take
Sangoma has developed quick to implement and future proof solutions. Please visit the resource page for complete information on how to resolve the issue.
Action must be taken before May 28, 2021