AnsweredAssumed Answered

Azure - SAML via ADFS - customers currently using Public Key or Certificate Pinning

Question asked by Gustavo Trujillo on Jun 13, 2017
Latest reply on Jul 19, 2017 by Yum Darling

Per the below message from Azure, were there any changes that you had to make to your SAML configuration?



We know that security is a top priority for you. To ensure the highest levels of security with Microsoft Azure, we are adding new high-availability certificate authorities.

For the majority of customers, this change will be seamless and will not have any impact on your Azure applications.

This change will only affect those currently using public key or certificate pinning to provide an additional layer of security to applications or services accessing Azure. If you are using this approach, then action by your organization is required by July 27, 2017, when the certificate authority update occurs. This critical action is required to ensure you have the highest level of availability when using public key or certificate pinning.

Please forward this message to whoever in your organization administers applications that use Azure.

If you have an application that uses one or more Azure services and explicitly checks who issued certificates for those Azure services (public key or certificate pinning), then that application must be updated before July 27, 2017 to avoid interruption.

Please read this article for more details, to assess whether you are impacted, and what steps to take if you are.

This change only impacts customers who are using this security approach, so if this does not apply to your organization, no action is required.

If you require further assistance, please contact us through support.

Thank you,

Your Azure Team