Skip to Content

MC1280563: 24-hour test that switches Microsoft Teams Direct Routing SIP endpoints to certificates issued by a new CA.

By: Author Alex Lim

Posted on

Categories Update

Home » Update » MC1280563: 24-hour test that switches Microsoft Teams Direct Routing SIP endpoints to certificates issued by a new CA.

Summary

  • Microsoft Teams Direct Routing will switch to certificates from a new Certificate Authority during a validation test.
  • Organizations using Teams Direct Routing with SBCs for TLS connections may experience connection failures if SBCs do not trust the new Root CAs.
  • This may impact PSTN calling for affected tenants.
  • Administrators should ensure SBCs trust the required Root CAs and update certificate trust stores if necessary.
  • Voice administrators and helpdesk teams should be notified about this planned test.

Primary Service: Teams
Admin Impact: High
User Impact: Low
Release Start: 28 Apr 2024
Release End: 29 Apr 2024
Services: Teams
Category: Stay informed
Tags: Admin Action

History

4/15/2026 Item Added to Message Center

Microsoft Message

Introduction

To improve certificate lifecycle management and maintain secure connectivity for Microsoft Teams Direct Routing, Microsoft will run a time-limited validation test that transitions Teams Direct Routing SIP endpoints to certificates issued by a new Certificate Authority (CA). This test helps ensure customers are prepared for future certificate changes and reduces the risk of unexpected service disruption.

When this will happen

  • Start: April 28 at 9:00 AM UTC
  • Duration: 24 hours

How this affects your organization

Who is affected:

Organizations using Microsoft Teams Direct Routing with Session Border Controllers (SBCs) configured for TLS connections to Teams SIP endpoints.

What will happen:

  • During the 24-hour test, Teams Direct Routing SIP endpoints will gradually switch to certificates issued by a new CA.
  • If your SBC does not trust the previously communicated Root CAs, TLS connections to Teams SIP endpoints may fail during the test window.
  • TLS connection failures could impact PSTN calling for your tenant.

What you can do to prepare

  • Verify that your SBC trusts the previously communicated Root CAs required for Teams Direct Routing.
  • Update SBC certificate trust stores if needed.
  • Review the What’s new for Direct Routing documentation for required Root CAs.
  • Notify voice administrators and helpdesk teams of this planned test.

Compliance considerations

Encryption methods or key management: Yes – The test involves certificates issued by a new CA, affecting TLS certificate trust for Direct Routing.