Jan 05 2021 07:58 AM
We have Direct Routing with an AudioCodes SBC. It's been working fine for 18 months. Recently, the TLS certificate on the SBC that is used for Teams calling expired. We renewed it on the SBC and it's status shows as "OK" with an expiration date 1 year from now. However, on the Health Dashboard for Direct Routing on the office.com portal it's still showing the SBC as inactive because the certificate is expired. Microsoft support said it could be 24-48 hours before it "registers" the new certificate. I'm questioning the accuracy of this and wondering if anyone else has had an experience with an expired SBC certificate. I have verified that the config on the SBC is correct - nothing has changed since the certificate expired other than a new CSR being generated and a new cert installed (and yes, it's from one of Microsoft's acceptable providers). I've also verified the root certificates are installed, including the "Baltimore" cert. Any advice or assistance would be most appreciated.
Jan 05 2021 09:55 AM
@Linus Cansby , do you have ideas here?
Jan 05 2021 04:46 PM
Under your SIP Interface for your Teams connection, have you verified which "TLS Context" is being used, and verified that is the TLS Context you deployed the new certificate to?
Do you restrict your SBC SIP signalling port to just Microsoft? If not, go to https://www.sslshopper.com/ssl-checker.html and put in the SBC IP address following by :SIPPORT, so if your SIP signalling port is 5067, it'd look like a.b.c.d:5067 where a.b.c.d is the IP address or the name. Does the SSL Checker return what you're expecting it to be?
Nov 23 2021 12:11 AM
I'm having the same issue.
SSL Checker (with port info) is directing to the right IP address of my SBC sip interface towards Teams
Nov 24 2021 07:15 PM
Did it return the correct certificate? It's more than just ensuring it goes to the right IP address.
Feb 10 2022 06:40 AM - edited Feb 10 2022 06:40 AM
hello how was solve your issue?
We have the same after certificate renewal on SBC side.
Did you reset completly the sip trunk on both side?
How can you revocate manually the certificate on MS side?
regards
Julien
Sep 29 2022 01:51 AM
Nov 20 2023 06:22 AM