We have confirmed that this was the result of an update to the intermediate certificate that may be used by Microsoft Teams, which is signed by a newer Microsoft Trusted Root CA. Implementing the newest Microsoft Trusted Root CA will resolve this issue. Please reach out to the support team or to your customer success representatives if you need any additional clarification with respect to this issue.
Posted Feb 24, 2025 - 18:26 UTC
Investigating
We have received reports from customers experiencing issues with Microsoft Teams traffic that is being decrypted through Prisma Access via SSL Decrypt functionality. The flows may be dropped due to a 'decrypt-cert-validation' reason. To temporarily workaround this issue, a decryption policy rule can be added to bypass decryption for Microsoft Teams or split-tunnel this traffic via a GlobalProtect tunnel configuration policy. We appreciate your patience as we continue to investigate this issue. Updates will be provided as they become available