MC236676 – We originally communicated last November in MC226884 that on November 02, 2020, DigiCert replaced the certificate of the Intermediate Certificate Authority (ICA) “DigiCert SHA2 Secure Server CA”, which issues SSL/TLS certificates used by Azure Active Directory (Azure AD) services in the Public Cloud.
When is it changing?
Starting on 08 Feb 2021 Azure AD Identity services will be switching the Certificate Authorities.
Will this change affect me?
We expect that most customers will not be impacted. You may be impacted, however, if you have applications that explicitly specify a list of trusted ICAs, either by hard coding them (“certificate pinning”) or by operating a trust store. You need to ensure, all the Root CAs and ICAs for Public Cloud are trusted.
For more information to determine if you may be impacted, please refer to Azure TLS Certificate Changes | Microsoft Docs
For a full list of certificates, refer to Certificate authorities used by Azure Active Directory | Microsoft Docs