This document describes the solutions for MRA (Mobile Remote Access) Login and B2B (Business-to-Business) Calling issue due to Sectigo CA Certificate Expiry on 30th May.
There are no specific requirements for this document.
The information in this document was created from the devices in a specific lab environment. All of the devices used in this document started with a cleared (default) configuration. If your network is live, make sure that you understand the potential impact of any command.
The Sectigo CA certificate package expired on 30th May which causing outages for Expressway/VCS deployment. You may experience MRA Login and B2B Calling outages due to certificate/TLS Negotiation failures. The majority of these issues are root caused to the expiration of the Sectigo certificate. Same has been documented on the advisory released by Sectigo link https://support.sectigo.com/Com_KnowledgeDetailPage?Id=kA01N000000rgSZ
Certificate expiry will to lead to following symptoms
- MRA Login, B2B Calls not working - Clustering down - Traversal Zone (with TLS failures)
- Sectigo CA used to sign VCS/Expressway certificate