In early November, DigiCert replaced the certificate of an Intermediate Certificate Authority (ICA) which issues SSL/TLS certificates used by Azure Active Directory (Azure AD) services, such as Microsoft 365 and Dynamics 365, in the Public and US Government Clouds. In most cases, no action is required. However, if you explicitly hard code (i.e. “pin”) the ICA certificates to be trusted or have custom solutions that depend on storing ICA certificates in a trust store, you will need to take action as soon as possible in order to avoid service disruptions.
Note: We expect that most customers will not be impacted. You may be impacted, however, if you have applications that explicitly specify a list of trusted ICAs, either by hard coding them (“certificate pinning”) or by operating a trust store.