/mcpStep 7 Click Save. Enable SIP OAuth Mode Use the Command Line Interface to enable SIP OAuth mode. Enabling this feature on the publisher node also enables the feature on all cluster nodes. Before you begin From Release 14SU1 onwards, when Proxy TFTP is enabled, you should copy the root CA certificate for the off-cluster Tomcat certificate to the proxy phone edge trust. Procedure Step 1 On the Unified Communications Manager publisher node, log in to the Command Line Interface. Step 2 Run the utils sipOAuth-mode enable CLI command. From Release 14 onwards, the system updates the read-only Cluster SIPOAuth Mode enterprise parameter to Enabled. Restart Cisco CallManager Service After enabling SIP OAuth through CLI, restart the Cisco CallManager service on all nodes where endpoints register through SIP OAuth. Procedure Step 1 From Cisco Unified Serviceability, choose Tools > Control Center > Feature Services. Step 2 From the Server drop-down list, select the server. Step 3 Check the Cisco CallManager service and click Restart. Configure Device Security Mode in Phone Security Profile Use this procedure to configure the device security mode in the phone security profile and is required only if you have set the Device Security Mode within that phone’s Phone Security Profile to Encrypted. Procedure Step 1 From Cisco Unified CM Administration, choose System > Security > Phone Security Profile. Step 2 Perform either of the following: Feature Configuration Guide for Cisco Unified Communications Manager, Release 15 and SUs 801 Advanced Call Processing Enable SIP OAuth Mode