SBC certificate is not issued correctly.

Copper Contributor

H All,


I am trying to establish a SIP TLS connection between MS Teams and Audiocodes hosted in GCP.


but I am getting below errors in Audio codes and the SIP TLS connection is not successful.

REASON: Q.850;cause=63;text="f9f5ac89-d865-4b18-9f84-poiuewrasdf;SBC certificate is not issued correctly. Provided trunk FQDN '34.XX.93.132' is not included in certificate's CN or SAN list. Certificate allows following FQDNs only:, regularadmin.o" CONTENT-LENGTH: 0


But my IP address is added on the signed certificate 

  • X509v3 Subject Alternative Name:
    •, IP Address:34.XX.93.132,

Anyone could help me on this case?


Kind regards



2 Replies

Hi @pragashvg,


The error message indicates that there might be a problem with the certificate used for the connection.

Based on the error, it appears that the SBC certificate was issued incorrectly. The certificate seems to allow only specific FQDNs (Fully Qualified Domain Names) in the list, and unfortunately, the provided  FQDN '34.XX.93.132' is not included in that list.
This is causing the TLS connection to fail.

You mentioned that you've added your IP address (34.XX.93.132) to the certificate as a Subject Alternative Name (SAN), but it's not being recognized as valid during the connection.

To check and try to resolve this:

1. Make sure the certificate matches the configuration and includes the correct IP address as a SAN. Ensure that the certificate chain is valid and all required certificates are installed.

2. Verify that the FQDNs used in the configuration match exactly with the FQDNs specified in the certificate's list. Watch out for any typos or discrepancies in the FQDNs.

3. Double-check the certificate thumbprint used in the configuration. A wrong thumbprint can cause certificate validation issues.

4. Ensure that the certificate is not expired, as expired certificates can lead to TLS handshake failures.

If you've recently reissued the certificate or made changes to its configuration, it's crucial to restart the Audiocodes services to apply the changes properly.

As certificate-related matters can be complex, you might want to refer to the Audiocodes documentation and GCP guidelines to ensure you've followed the correct steps for setting up SIP TLS connections.

Please click Mark as Best Response & Like if my post helped you to solve your issue.
This will help others to find the correct solution easily. It also closes the item.

If the post was useful in other ways, please consider giving it Like.

Kindest regards,

Leon Pavesic

My certificate meets all the requirements you have mentioned, not sure what causing this issue. I can see from Audiocodes side SIP trunk showing online. but it is not coming up on MS Teams side.