Reminder: Azure SSL/TLS certificate changes

What is changing?

We originally communicated last November (MC226863) that on 02 Nov 2020, DigiCert replaced the certificate of the Intermediate Certificate Authority (ICA) “DigiCert SHA2 Secure Server CA”, which issues SSL/TLS certificates used by Azure Active Directory (Azure AD) services in the Public Cloud.

When is it changing?
Starting on 08 Feb 2021, Azure AD Identity services will be switching the Certificate Authorities.
Will this change affect me?
We expect that most customers will not be impacted. You may be impacted, however, if you have applications that explicitly specify a list of trusted ICAs, either by hard coding them (“certificate pinning”) or by operating a trust store. You need to ensure, all the Root CAs and ICAs for Public Cloud are trusted.

For more information to determine if you may be impacted, please refer to Azure TLS Certificate Changes

For a full list of certificates, refer to Certificate authorities used by Azure Active Directory

Message ID: MC236478


No comments yet

Leave a Reply


I've been working with Microsoft Technologies over the last ten years, mainly focused on creating collaboration and productivity solutions that drive the adoption of Microsoft Modern Workplace.

%d bloggers like this: