Applies To

Call2Teams - Customers


TABLE OF CONTENTS


Overview

For Partners who are using TLS, if there is a loss of service after 14:00 UTC on the 30th Sept, it is highly possible that the ISRG Root X1 Lets encrypt root certificate is not being trusted.


Explanation of Behaviour

On Thursday 30th September at 14:00 UTC the certificate provider used by the Call2Teams platform will be dropping their use of a cross-signed certificate authority and relying solely on their main root certificate authority

  • Previous certificates were signed by ISRG Root X1 and cross-signed by DST Root CA X3
  • From 30th September 2021 at 14:00 UTC the root certificate authority will only be ISRG Root X1


It is important that Partner services that rely on encryption can trust the ISRG Root X1 certificate, to ensure there is no interruption to services.

 

The encrypted connection to Microsoft Direct Routing does support the ISRG Root X1. Microsoft have widely supported the ISRG Root X1 for several years.


We Strongly Advise you delete the expired ISRG Root X1 that is signed by DST Root X3 from your CA Store to prevent any conflicts. 

 

Solution

Here is the link to download the ISRG self signed certificates in different formats (der, pem and txt respectively)  https://letsencrypt.org/certs/isrgrootx1.der , https://letsencrypt.org/certs/isrgrootx1.pem or https://letsencrypt.org/certs/isrgrootx1.txt

More information can be found here: Chain of Trust - Let's Encrypt (letsencrypt.org) 

Disclaimer

Please note Qunifi cannot be held responsible for the content of any third-party documentation offered.