Back to All Scenarios
PASSEDvoip / sip_registration
SIP Registration Failure — Certificate Expired on SBC
The Session Border Controller's TLS certificate expired, causing all SIP phones to fail re-registration. Phones showing 'Registration Failed'.
Pattern
CERTIFICATE_EXPIRY
Severity
CRITICAL
Confidence
72%
Remediation
Auto-Heal
Test Results
| Metric | Expected | Actual | Result |
|---|---|---|---|
| Pattern Recognition | CERTIFICATE_EXPIRY | CERTIFICATE_EXPIRY | |
| Severity Assessment | CRITICAL | CRITICAL | |
| Incident Correlation | N/A | None | |
| Cascade Escalation | N/A | No | |
| Remediation | — | Auto-Heal — Corax resolves autonomously |
Scenario Conditions
Kamailio SBC. TLS certificate expired 3 hours ago. 200 SIP phones failed to re-register. Incoming calls routing to voicemail. Outbound calls failing.
Injected Error Messages (1)
SIP registration failure — SBC TLS certificate expired, 200 phones failed re-registration, incoming calls going to voicemail, outbound SIP REGISTER rejected with 'TLS handshake failure'
Neural Engine Root Cause Analysis
SSL/TLS certificate issue detected — a certificate has expired, is about to expire, has an incomplete chain, or is causing TLS handshake failures. Expired certificates will cause browsers to display security warnings, APIs to refuse connections, and automated integrations to break.
Remediation Plan
1. Identify the affected certificate and check its expiration date using 'openssl s_client -connect host:443' or browser certificate viewer.
2. If expired, renew the certificate immediately through your CA or Let's Encrypt.
3. For chain issues, ensure the full certificate chain (root + intermediate + leaf) is installed correctly.
4. For TLS handshake failures, verify the server supports the required TLS version and cipher suites.
5. Set up automated certificate monitoring and renewal (e.g., certbot auto-renew) to prevent future expirations.
Tested: 2026-04-02Monitors: 1 | Incidents: 1Test ID: cmnhnoopv002dlig77dmelgiy