Teams Direct Routing Session Border Controller Certificate Support Change
Introduction
On Tuesday, October 3, 2023, at 10:00 AM (UTC – 5:00 AM EST), all Microsoft SIP endpoints will be gradually switched over to use certificates based on the “DigiCert Global Root G2” Certificate Authority (CA).
Your Teams Direct Routing Session Border Controllers (SBCs) may stop sending and
receiving phone calls if they do not have this root chain installed!
Organizations that are using Teams Direct Routing should check their Session Border Controllers (SBCs) and remediate as needed. The instructions for checking and fixing AudioCodes SBCs are detailed below.
Background
What Do You Need To Know NOW?
1. Browse to “DigiCert Trusted Root Authority Certificates”.
2. Click on “Other root certificates”.
3. Locate the “DigiCert Assured ID Root G2” certificate.
4. If you have AudioCodes SBCs, click the “Download PEM” button and save the file in a location where you can access it and the SBC from your browser. For other SBCs, refer to the documentation to determine the correct format to download.
1. Login to the SBC
2. Click the drop-down arrow next to “Actions”.
3. Click on “Configuration File”.
4. In the “INI File” section, click the “Save INI File” button to save the SBCs running configuration.
5. Click on “IP Network”.
6. Click on “Security”.
7. Click on “TLS Contexts”.
8. Click on the “TEAMS” TLS Context. Your “Teams” TLS context may have a different name.
9. Click the “Trusted Root Certificates” button. You may have to scroll your screen down to see the button.
10. If the “DigiCert Global Root G2” certificate is not listed, click the “Import” button.
a. If you have the “Baltimore CyberTrust Root” certificate, do not remove it!
b. If you do not have the “Baltimore CyberTrust Root”, you don’t need it at this point!
11. Click the “DigiCertGlobalRootG2.crt.pem” file.
12. Click the “Open” button.
13. Once the file has been successfully loaded, click the “Close” button.
14. Click the “Save” button.
15. Click the “Yes” button.
16. Make some inbound test calls to Teams users from the Public Switched Telephony Network (PSTN).
17. Make some outbound test calls from Teams users to the PSTN.
18. Make test calls to verify that all other call flows traversing the SBC are working correctly.
Summary
If you have any questions about this process or need help in its implementation, no matter what manufacturers SBC you own, please contact our team of Cloud Computing Consultants or email us at info@eGroup-us.com!
Cloud Solutions Architect - eGroup | Enabling Technologies
Interested in learning more about AudioCodes Session Border Controllers and how to implement them?
Contact our team of experts to get started today!