Do We Need To Update Root CAs In Messaging Server?

(Doc ID 2317581.1)

Last updated on OCTOBER 19, 2017

Applies to:

Oracle Communications Messaging Server - Version 8.0.0 and later
Information in this document applies to any platform.

Goal

We have been notified that a vendor is moving to a new certificate signed by VeriSign Universal Root Certification Authority, and we are not seeing that Root CA in our cert db on our outbound MTAs.

Do we need to update the Root CA in our Messaging Server cert db in order to be able to negotiate TLS when trying to relay mail to them?

Ex.

Certificate information:
Root CA:
Issued to: VeriSign Universal Root Certification Authority
Issued by: VeriSign Universal Root Certification Authority
Valid from: 4/1/2008 to 12/1/2037
Serial Number: ‎40 1a c4 64 21 b3 13 21 03 0e bb e4 12 1a c5 1d

https://www.symantec.com/content/dam/symantec/docs/other-resources/verisign-universal-root-certification-authority-en.pem

Solution

Sign In with your My Oracle Support account

Don't have a My Oracle Support account? Click to get started

My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms