Applies To
Call2Teams - Customers
TABLE OF CONTENTS
Overview
For Partners who are using TLS, if there is a loss of service after 14:00 UTC on the 30th Sept, it is highly possible that the ISRG Root X1 Lets encrypt root certificate is not being trusted.
Explanation of Behaviour
On Thursday 30th September at 14:00 UTC the certificate provider used by the Call2Teams platform will be dropping their use of a cross-signed certificate authority and relying solely on their main root certificate authority
- Previous certificates were signed by ISRG Root X1 and cross-signed by DST Root CA X3
- From 30th September 2021 at 14:00 UTC the root certificate authority will only be ISRG Root X1
It is important that Partner services that rely on encryption can trust the ISRG Root X1 certificate, to ensure there is no interruption to services.
The encrypted connection to Microsoft Direct Routing does support the ISRG Root X1. Microsoft have widely supported the ISRG Root X1 for several years.
We Strongly Advise you delete the expired ISRG Root X1 that is signed by DST Root X3 from your CA Store to prevent any conflicts.
Solution
Here is the link to download the ISRG self signed certificates in different formats (der, pem and txt respectively) https://letsencrypt.org/certs/isrgrootx1.der , https://letsencrypt.org/certs/isrgrootx1.pem or https://letsencrypt.org/certs/isrgrootx1.txt
More information can be found here: Chain of Trust - Let's Encrypt (letsencrypt.org)
Disclaimer
Please note Qunifi cannot be held responsible for the content of any third-party documentation offered.