Invalid Server Certificate – activating Spark Phone with Meraki Infrastructure WBX000023772

This will be a quick post, with a quick issue and the solution.

The issue

Some new phones needed to be activated along with a full network infrastructure deployment using Meraki gear. Meraki in my eyes was scary easy to set up, also thankfully it was already set-up for me on the cloud by a co-worker in advance.

When it was time to activate the new Spark phones, I was receiving a weird “Invalid Certificate” message that I’d never seen before. basically when receiving these type of errors, few things could be happening:
– The certificate has expired (Unlikely)
– The time on the device is wrong

The analysis

I noticed 2 things based on the configuration of the MX64 device, the DNS gets pushed to the clients as the the Firewall itself, also the NTP reference is also pushed as the Firewall itself. This is fine is we are dealing with devices that don’t need to rely on an NTP or DNS server for basic functions. As you know phones and voice stuff is very delicate when dealing with these variables

The Solution

I found the following KB article that lists the issue: Webex/Spark KB

NTP Server Settings:

I configured one of the Tandberg servers as the NTP on this case

DNS Server Settings:

Also my provider is using the Google IP addresses for DNS resolution

What to look forward to?

Meraki and Spark are very easy to set-up, in other words scary easy! – I think this is where technology is headed these days so it makes it very useful for everybody out there.

About the Author:

Andres Sarmiento, CCIE # 53520 (Collaboration)
With more than 13 years of experience, Andres is specialized in the Unified Communications and Collaboration technologies. Consulted for several companies in South Florida, also Financial Institutions on behalf of Cisco Systems. Andres has been involved in high-profile implementations including Cisco technologies; such as Data Center, UC & Collaboration, Contact Center Express, Routing & Switching, Security and Hosted IPT Service provider infrastructures.

You can follow Andres using Twitter, LinkedIn or Facebook

Leave a Comment

Your email address will not be published. Required fields are marked *

Scroll to Top