Azure Storage in trouble due to expired SSL certificate

A failure of millions because of a few dollars

Communications on the Web are generally done with a communication protocol called HTTP, and there is a secure version called HTTPS that uses a protocol called SSL.

SSL provides authentication and privacy of information between endpoints over the Internet through the use of cryptography. Typically, only the server is authenticated (ie its identity is guaranteed) while the client remains unauthenticated. On the other hand, in Azure both parties are validated by means of certificates.

To do this, all communication is encrypted and decrypted automatically, but it is necessary to have a security certificate, a small piece of software, which ensures that the server is who it says it is.

Well, this little certificate on Windows Azure servers, for a few dollars, has expired.

Normal HTTP traffic did not have any incidents, but "secure" traffic found that without this certificate many of the Windows Azure services were no longer accessible and, among them, the cornerstone of the data storage: Azure Storage.

According to Microsoft, 99% of the clusters updated their SSL certificates at dawn on the 23rd, considering the problem resolved early evening (US Pacific Time).

However, continues Steven Martin, teams continue to perform RCA (Root Cause Analysis) including steps to help prevent this failure from reoccurring in the future.

Curious that the same failure is repeated on two of its platforms - in Windows Phone 7 there was a similar failure with Store certificates a few months ago - and that billions of Mb. of data may temporarily become inaccessible for a few coins

Via | Windows Azure Service Disruption from Expired Certificate In XatakaWindows | The Exabyte of data stored in the Cloud has been exceeded

Table of contents:

A failure of millions because of a few dollars

Editor's choice