Our Telephony Engineers will perform maintenance on our SIP proxy servers in the US region.
Our TLS certificate for our SIP proxy server(s) of sip.telnyx.com (192.76.120.10 and 64.16.250.10) will be changed during this deployment. This is important for some customers who use an SBC (or other appliance) and have our certificate (or the CA certificate) loaded into the SBC. This information also applies to some customers who use TLS with desk phones (poly phones, for example) and who have the certificate loaded into the phones for TLS. The importance for such customer appliances/devices is that we'll use a new certificate chain (both the intermediate certificate and the root certificate will be changed).
Our new certificate will have this serial number, issuer, and fingerprint. - Serial Number: 0d:97:23:dc:a0:7e:60:0d:22:b0:ac:ed:ca:d4:4a:8d - Issuer: C=US, O=DigiCert Inc, OU=www.digicert.com, CN=Thawte TLS RSA CA G1 - SHA1 Fingerprint: 70:7B:25:E9:38:93:68:AB:2B:F7:2C:91:F4:BF:F5:61:71:A0:C7:9C
The chain is signed by the DigiCert Global Root G2 certificate (SHA1 Fingerprint DF:3C:24:F9:BF:D6:66:76:1B:26:80:73:FE:06:D1:CC:8D:4F:82:A4) chain, which can be downloaded from Digicert's website. - https://cacerts.digicert.com/DigiCertGlobalRootG2.crt.pem
Note In line with CA/Browser Forum standards, this is the last TLS certificate for this service that will include clientAuth (Client Authentication) EKU as well as serverAuth (Server Authentication). When we renew the certificate again later this year (around October 2026), the new certificate will include only the serverAuth EKU. This may be significant for customers who use mTLS (Mutual TLS) for SIP trunks. Before our next certificate renewal, we'll send another update about this.
Posted May 11, 2026 - 14:41 UTC
This scheduled maintenance affects: SIP Trunking - Signaling Regions (US).