Querying Provisioning Server for Updated Files

Each time the Automatic Update feature is triggered, for each file and its configured URL the device does the following:

1. If you have configured the device to authenticate itself to the HTTP/S server for secure access, the device sends the access authentication username and password to the HTTP/S server (for more information, see Access Authentication with HTTP Server). If authentication succeeds, Step 2 occurs.
2. The device establishes an HTTP/S connection with the URL host (provisioning server). If the connection is HTTPS, the device verifies the certificate of the provisioning server, and presents its own certificate if requested by the server.
3. The device queries the provisioning server for the requested file by sending an HTTP Get request. This request contains the HTTP User-Agent Header, which identifies the device to the provisioning server. By default, the header includes the device's model name, MAC address, and currently installed software and configuration versions. Based on its own dynamic applications for logic decision making, the provisioning server uses this information to check if it has relevant files available for the device and determines which files must be downloaded (working in conjunction with the HTTP If-Modified-Since header, described further on in this section).

You can configure the information sent in the User-Agent header, using the [AupdHttpUserAgent] parameter or CLI command, configure system > http-user-agent. The information can include any user-defined string or the following supported string variable tags (case-sensitive):

<NAME>: product name, according to the installed License Key
<MAC>: device's MAC address
<VER>: software version currently installed on the device, e.g., "7.00.200.001"
<CONF>: configuration version, as configured by the ini file parameter, [INIFileVersion] or CLI command, configuration-version

The device automatically populates these tag variables with actual values in the sent header. By default, the device sends the following in the User-Agent header:

User-Agent: Mozilla/4.0 (compatible; AudioCodes; <NAME>;<VER>;<MAC>;<CONF>)

For example, if you configure [AupdHttpUserAgent] to "MyWorld-<NAME>;<VER>(<MAC>)", the device sends the following User-Agent header:

User-Agent: MyWorld-Mediant;7.00.200.001(00908F1DD0D3)

If you configure the [AupdHttpUserAgent] parameter with the <CONF> variable tag, you must restart the device with a save-to-flash for your settings to take effect.

4. If the provisioning server has relevant files available for the device, the following occurs, depending on file type and configuration:
File Download upon each Automatic Update process: This is applicable to software (.cmp) and configuration files.In the sent HTTP Get request, the device uses the HTTP If-Modified-Since header to determine whether to download these files. The header contains the date and time (timestamp) of when the device last downloaded the file from the specific URL. This date and time is regardless of whether the file was installed or not on the device. An example of an If-Modified-Since header is shown below:
If-Modified-Since: Mon, 1 January 2014 19:43:31 GMT

If the file on the provisioning server was unchanged (not modified) since the date and time specified in the header, the server replies with an HTTP 304 response and the file is not downloaded. If the file was modified, the provisioning server sends an HTTP 200 OK response with the file in the body of the HTTP response. The device downloads the file and compares the version of the file with the currently installed version on its flash memory. If the downloaded file is of a later version, the device installs it after the device restarts (which is only done after the device completes all file downloads); otherwise, the device doesn't restart and doesn't install the file.

To enable the automatic software (.cmp) file download method based on this timestamp method, use the [AutoCmpFileUrl] parameter or CLI command configure system > automatic-update > auto-firmware <URL>. The device uses the same configured URL to download the .cmp file for each subsequent Automatic Update process.

You can also enable the device to run a CRC on the downloaded configuration file to determine whether the file has changed in comparison to the previously downloaded file. Depending on the CRC result, the device can install or discard the downloaded file. For more information, see Cyclic Redundancy Check on Downloaded Configuration Files.

When this method is used, there is typically no need for the provisioning server to check the device’s current firmware version using the HTTP-User-Agent header.
The Automatic Update feature assumes that the Web server conforms to the HTTP standard. If the Web server ignores the If-Modified-Since header or doesn’t provide the current date and time during the HTTP 200 OK response, the device may restart itself repeatedly. To overcome this problem, modify the update frequency, using the [AutoUpdateFreqencySeconds] parameter or CLI command configure system > automatic update > update-frequency-sec.
One-time File Download: This is applicable to software (.cmp) and Auxiliary (e.g., License Key, CPT and Dial Plan) files. The device downloads these files only once, regardless of how many times the device may repeat the Automatic Update process. Once they are downloaded, the device discards their configured URLs. To update these files again, you need to configure their URL addresses and filenames again. Below is an example of how to configure URLs for some of these files:

Auxiliary Files:

ini:
CptFileURL = 'https://www.company.com/call_progress.dat'
FeatureKeyURL = 'https://www.company.com/License_Key.txt'
CLI:
(config-system)# automatic-update
(auto-update)# call-progress-tones http://www.company.com/call_progress.dat
(auto-update)# tls-root-cert https://company.com/root.pem

Software (.cmp) File:

ini:
CmpFileUrl = 'https://www.company.com/device/7.40A.600.203.cmp'
CLI:
(config-system)# automatic-update
(auto-update)# firmware https://www.company.com/device/7.40A.600.203.cmp
For one-time file download, the HTTP Get request sent by the device doesn't include the If-Modified-Since header. Instead, the HTTP-User-Agent header can be used in the HTTP Get request to determine whether firmware update is required.
When downloading TLS certificate files, it is recommended to use HTTPS with mutual authentication for secure transfer of the TLS Private Key.
For devices in HA mode, the License Key is applied to both active and redundant units.
5. If the device receives an HTTP 301/302/303 redirect response from the provisioning server, it establishes a connection with the new server at the redirect URL and re-sends the HTTP Get request.