SBC Certificate Validation Failures on BYOC Trunks During Renewal Window

Just noticed that three of our Singapore-region BYOC trunks started dropping SIP registrations around 0200 SGT last night, coinciding with the automated certificate rotation on our FortiGate SBCs. The Genesys Cloud side is throwing 401 Unauthorized errors in the Trunk Activity logs, specifically citing ‘Certificate validation failed’ for the mutual TLS handshake.

This is peculiar because the new certs were generated via our internal PKI and are valid for another 365 days. The old certs expired exactly at midnight, and the SBC restart seemed to complete without error, yet Genesys refuses to accept the new chain. I have verified that the intermediate CA is correctly appended to the SBC configuration.

Is there a specific trust store update required on the Genesys Cloud side after a certificate change, or does the platform dynamically fetch the chain from the leaf cert? We are seeing this across trunks using the same SBC model but different carrier IPs. The failover logic is not triggering because the primary trunk state remains ‘Registered’ briefly before dropping to ‘Unregistered’ repeatedly.

Any insights on how to force a trust store refresh or if this is a known issue with the latest Genesys Cloud SIP stack update?