Yealink Provisioning in Papal and NetXUSA

Yealink phones support remote provisioning via a system Yealink calls Auto Provision. This can be configured in a number of ways. Here at Ringfree we have a Yealink provisioning server set up and configured to use HTTPS for Auto Provision. The provisioning server makes use of HTTP Basic Authentication in order to secure the configuration details.

When ordering new Yealink phones from NetXUSA, the provisioning options can (and should) be specified prior to placing the order. To do this, after adding the phone(s) to your cart, but prior to checkout, use the Services dropdown on the cart page and select Configuration. This will bring you to the page with the provisioning options.


The precise location of the necessary provisioning options varies among the various phone models but are functionally all the same. Be sure that the selected template includes the words disable trusted, locate the option labeled PROVISIONING_SERVER and enter the following replacing <CTID> with the appropriate value:<CTID>

Next location the PROVISIONING_SERVER_USERNAME field and enter the CTID. Finally locate the PROVISIONING_SERVER_PASSWORD and enter the password set on the provisioning server as described above. You may then save your changes and proceed with the order as normal.


Configuring a Yealink Phone Sourced Elsewhere

To configure a Yealink phone for Ringfree’s provisioning server that has been sourced from somewhere besides NetXUSA, steps need to be taken in order to ensure that the phone and the server can communicate properly. It is highly recommended that a phone sourced elsewhere be reset to factory settings and upgraded to the latest firmware version prior to proceeding with the following steps.

Most notably Yealink phones are, by default, configured to only communicate with trusted servers identified by loading a certificate into the phone. Given the relative inconvenience of loading a copy of the provisioning server certificate into each phone and the absence of any serious security threat, the option within the phone labeled Only Accept Trusted Certificates needs to be disabled. To do this, perform the following:

  1. Access the phone’s web interface by navigating to the phone’s IP address in a browser
  2. Log into the phone; the default username is admin and the default password is admin
  3. Click on the Security tab across the top
  4. Click on the Trusted Certificates option in the right sidebar
  5. Locate the Only Accept Trusted Certificates option and set it to Disabled
  6. Click the Confirm button to save the change and reboot the phone

Once completed, return to the phone’s web interface where you’ll now need to input the settings for the Auto Provision service:

  1. Click on the Settings tab across the top
  2. Click on the Auto Provision option in the right sidebar
  3. Locate the Server URL option and input the PROVISIONING_SERVER value from above; using Ringfree’s PBX as an example, the value would be
  4. Enter the CTID into the field labeled User Name
  5. Enter the password as configured on the provisioning server into the field labeled Password
  6. Click on the Confirm button to save the changes

At this point the phone should be able to communicate with Ringfree’s provisioning server presuming that configuration files for that device have been generated.

Generating Configuration Files Within Papal

Papal contains a tool called YConf for generating configuration files for Yealink phones. To access YConf, navigate to the pbxadmin or pbxuser interface for the appropriate CTID and click the link in the header. Alternatively you can navigate directly to YConf using the following by replacing <CTID> with the appropriate CTID:<CTID>/yconf


Once loaded, you will have the option to add a new device configuration or you may click the appropriately labeled buttons to set a password or edit an existing configuration. If a password has not already been established for this CTID, please proceed to set one. Note that the passwords are encrypted when they’re stored so please make a note of the password somewhere reasonably accessible such as within the customer’s account notes. Setting a new password after one has already been established can prevent previously provisioned phones from being able to update so if you’re unsure as to whether or not a CTID has a password established already, please consult with John Knight or Kendall Weaver.

If adding a new configuration you will need to first input the device MAC address and specify the device model. The MAC address field is not case sensitive, but please enter it sans punctuation or delimiters.


Next enter the account information. It is advisable to follow any established conventions for the customer regarding the Label and Display Name fields. If there is no data for the Label and Display Name fields, simply enter the extension number into one or both as needed.

Scroll to the bottom and click the Submit button to save the configuration thus far. Once you’ve done so, you will see the option to configure additional accounts and/or Line Keys depending upon the particular options supported by the specific phone model. There is also a text area for custom configuration that is beyond the scope of this article.


The number of accounts is dependent upon phone model with some models supporting up to 16 accounts. Due to the relative rarity of needing multiple accounts, you may only enter up to one new account at a time.

When configuring the Line Keys, there are a number of options, not all of which are relevant to all line key types. To briefly describe the line key types:

  • Disabled – This disables the key, the remaining fields will be ignored.
  • Line – This key type instantiates a new phone call on the specified account or allows the user to quickly switch between multiple phone calls on the same or different accounts. This type accepts a Label but ignores the contents of the Value field.
  • Speed Dial – This key type instantiates a new call from the specified account to the number specified in the Value field. This number can be any valid number the account is capable of dialing. The Label field is also used.
  • BLF -The Busy Lamp Field key type is used to monitor the call status of the extension specified in the Value field and also works as a speed dial for that extension. The extension must be on the same PBX as the account specified. The Label field is also used.
  • Zero Touch – This key type is used to initiate the Auto Provision function and will cause the phone to download the current configuration files from the provisioning server. This type accepts a Label but ignores the Acct and Value fields.
  • Directory – This key type opens the directory stored on supported phone models. This type accepts a Label but ignores the Acct and Value fields.

Line keys can be dragged and dropped in the YConf interface. At present there is a bug in Firefox’s JavaScript engine which prevents changing the key type. This bug is not known to be present in other browsers.