Problems configuring Asterisk with huawei esapce 8950 IP phone on TLS

I am trying to configure Huawei IP phone espace 8950 with asterisk 13.
I have successfully make the call when transport UDP is selected. But when shifting to TLS user can not get register.

I am using following link to generate my TLS certificates and configuration of asteisk server.
https://wiki.asterisk.org/wiki/display/AST/Secure+Calling+Tutorial

and following are my configuration in sip.conf

[general]
tlsenable=yes
tlsbindaddr=0.0.0.0:5061
tlscertfile=/etc/asterisk/keys/asterisk.pem
tlscafile=/etc/asterisk/keys/ca.crt
tlscipher=ALL
tlsclientmethod=tlsv1
tlsdontverifyserver=yes
pedantic=no

[malcolm]
type=friend
secret=1234
host=dynamic
context=project
videosupport=yes
dtmfmode=rfc2833
disallow=all
allow=g722
transport=tls

when i connect with softphone(Blink, MIcro Sip & PhonerLite) using my PC i am succesfully able to make call. I can also successfully able to connect and make calls using Linphone from mobile.
But when i try registering from Huawei espace 8950 IP phone i get following error.

Problem setting up ssl connection: error:14094418:SSL routines:SSL3_READ_BYTES:tlsv1 alert unknown ca

Now on searching online this specific error most of the answer state that the issue was solved when certificates was regenerated i;ve doen it couple times but still no success.

My question is where i am making the mistake?
Does this IP phone support self signed certificates? because i’ve uploaded certificates using the Phone portal but the phone still not recognizing CA.
Any help in this regard will be helpful
Thanks in advnace

There might be another option you need to check on the phone that actually enables the CAs you upload for certain specific purposes eg. SIP registration CA checks vs. phone micro-browser to HTTPS website CA checks. Or it is possible the phone needs an alternate file format, doesn’t actually accept new CAs, corrupts the process of changing CAs, etc. (I suggest you try checking recent phone firmware and changelogs from the manufacturer.)

Also you posted sip.conf (chan_sip) configuration but please consider pjsip.conf (chan_pjsip) instead in newer versions of Asterisk. The PJSIP multi-transport options might be useful as you experiment with different settings.