#in Upgrading of Cisco 7900 Series firmware

2nd February 2012

Upgrading of Cisco 7900 Series firmware

This one has come up a few times recently.

Some background info to explain why you can’t directly upgrade to firmware version 8.5(3) from anything lower than 8.3(3) on 7900 series IP phones.

Basically Cisco change the CA that signed the phone load certificates. Between versions 8.3(3) and 8.5(2) the phone loads contained both the old and new CA certificates. Version 8.5(3) and higher only contains the new CA certificate.

So basically, if you try and upgrade from 8.3(2) or lower to 8.5(3) or higher the phone doesn’t trust the new CA certificate and you get an “auth fail” message. This is also true if you do a factory reset on an old phone – i.e. one that has the old CA certificate burnt into it in the factory.

Cisco have apparently “lost” the old CA certificate, so it will never be seen again.

So the lesson here is to always have a copy of 8.3(3) lurking around that you can get your hands on.

Barry Hesk

Intrinsic Communications Connect

Keeping you up to date on the world of IT Communications

Upgrading of Cisco 7900 Series firmware

Leave a Reply Cancel reply