Microsoft Rolling Out New Azure Active Directory Certificate Policy This Month

Microsoft plans to increase its Azure Active Directory certificate update pace, with the next rollover happening on Oct. 10.

The updated certificates are needed to secure application access to Microsoft's Azure AD identity and access management service, which taps Microsoft's datacenter infrastructure (also known as "the cloud"). Microsoft's practice has been to update these security certificates about every six weeks or so. However, new plans, announced this week, indicate that the certificates will undergo more frequent updating, going forward.

Moreover, Microsoft now prefers using the term "global signing keys" instead of "certificates" for Azure AD.

"Continuing on our commitment to protect our customer's data and building on the momentum of this August 15, 2016 rollover, we will be increasing the frequency with which we roll over Azure Active Directory's global signing keys (previously referred to as "the Azure Active Directory certificates")," Microsoft's announcement indicated.

Microsoft's last certificate update happened on Aug. 15, and got announced back in July. However, Microsoft is now planning to change its announcement policy. Instead of giving notice to organizations about the coming certificate changes, Microsoft is planning to update these global signing keys without giving notice.

The certificate updates, also called "rollovers" by Microsoft, won't be a problem for applications that already have an automatic update process built into them. Microsoft considers all applications in the Azure AD App Gallery to meet this requirement, including the custom apps that are housed there. Moreover, all apps housed on premises that get published via Application Proxy or that use the Azure AD B2C service meet the automatic rollover criteria.

While Microsoft's new practice will be to not give notice when certificate rollovers happen, it still wants to know about any certificate update-associated problems.

"If you experience unusual behaviors please contact Azure Support," Microsoft's announcement stated.

About the Author

Kurt Mackie is senior news producer for the 1105 Enterprise Computing Group.


  • Gears

    Top 10 Microsoft Tips and Analyses of 2018

    Here are the year's most popular explainers and how-to columns -- along with some plain, old "Why did Microsoft do that?" musings thrown in.

  • Sign

    2018 Microsoft Predictions Revisited

    From guessing the fate of Windows 10 S to predicting Microsoft's next big move with Linux, Brien's predictions from a year ago were on the mark more than they weren't.

  • Microsoft Recaps Delivery Optimization Bandwidth Controls for Organizations

    Microsoft expects organizations using its Delivery Optimization peer-to-peer update scheme will optimally see 60 percent to 70 percent improvements in terms of network bandwidth use.

  • Getting a Handle on Hyper-V Virtual NICs

    Hyper-V usually makes it easy to configure virtual network adapters within VMs. That is, until you need to create a VM containing multiple virtual NICs.

comments powered by Disqus
Most   Popular

Office 365 Watch

Sign up for our newsletter.

Terms and Privacy Policy consent

I agree to this site's Privacy Policy.