Azure Database PostgreSQL Root Certificate Change - February 15, 2021 - No Customer Actions Needed
search cancel

Azure Database PostgreSQL Root Certificate Change - February 15, 2021 - No Customer Actions Needed

book

Article ID: 328479

calendar_today

Updated On:

Products

VMware

Issue/Introduction

Horizon Cloud on Microsoft Azure customers may have received an automated email from Microsoft Azure with the subject line of "Action Required: Azure Database for PostgreSQL is changing the root certificate for client applications/drivers enabled with SSL starting 26th October 2020" (email and its content are noted in the related section). This deadline was later extended to February 15, 2021, by Microsoft.

The root certificate for the Azure POD PostgreSQL Database will be updated with new Root CA by Microsoft as part of their standard maintenance and security best practices. VMware has completed implementation requirements outlined in the Microsoft’s SSL root certificate expiring  documentation to ensure uninterrupted connectivity post February 15, 2021. 

Our customers do NOT need to make any changes on their end.  Please reach out to VMware  support  if you have any questions  


Additional Information

Microsoft’s Email to Customers 

Subject:  Azure Database for PostgreSQL Single server is changing the root certificate for the client applications/drivers enabled with SSL starting 26 October 2020.  

You're receiving this email because you use Azure Database for PostgreSQL. Azure Database for PostgreSQL will be changing the root certificate for client applications/drivers enabled with SSL, which you use to  connect to the database server. The root certificate currently available is set to expire 26 October 2020 as part of standard maintenance and security best practices. This change will have impact on your application connectivity to the Azure Database for PostgreSQL. How does this impact me?   

All applications that use SSL/TLS and verify the root certificate need to have their root certificate updated to connect to Azure Database for PostgreSQL. You can verify if your client application is trying to use SSL mode with the  predefined trusted Certificate Authority (CA).   

  • If you're not using SSL/TLS currently, there is no impact to your application availability.   

  • If you're using the  Azure Database for PostgreSQL Single server issued certificate, your application's availability may be interrupted since the client applications may not be able to connect to the Azure Database for PostgreSQL server after 26 October 2020. Depending on your application, you may receive a variety of error messages, including but not limited to: Invalid certificate/revoked certificate or Connection timed-out  

Recommended action
If your application is using SSL/TLS we recommend taking the action detailed in  how to maintain connectivity