We are running version 12.5 SU5
Cups xmpp server was replaced with a new one about 2 weeks ago, issued from Digicert. It has the same root and issuing authorities as the previous one.
We use Digicert for all CM certificates and have replaced many over the years so we are familiar with the process.
Everything seemed normal when installing the new one, the new cert replaced the old one in the cups cert store as expected. The old cert is not displayed in the cert store in the GUI or the CLI.
However, somehow the old cert is still being presented to the Jabber clients which is causing an expiration message because the old one expired on April 5.
This is only happening when the clients are on-net and communication directly with the CM environment.
When off-net, clients go through Expressway and do not get the old cert presented to them.
We've restarted the service but not the server yet. Plan to restart the server tonight.
Has anyone ever seen where an old certificate is still being presented even though it doesn't seem to exist in the cert store?
Go to Solution.
We were hitting a bug: