azure-docs icon indicating copy to clipboard operation
azure-docs copied to clipboard

Published 20 hours ago verified publisher icon MicrosoftDocs

rootCA official list supported on Azure is NOT correct

Open ezYakaEagle442 opened this issue 11 months ago • 2 comments

CSC Root CA (names "The USERTRUST Network") is NOT supported on Azure CA TrustStores: https://learn.microsoft.com/en-us/azure/security/fundamentals/azure-ca-details?tabs=root-and-subordinate-cas-list ==> please confirm

https://learn.microsoft.com/en-us/azure/frontdoor/domain#certificate-requirements leads to https://ccadb-public.secure.force.com/microsoft/IncludedCACertificateReportForMSFT

long story short : the RootCA list are NOT the same on Azure docs vs SalesForce link ..... ==> please update the docs immediatley and tell me which list is the correct one ?

Document Details

Do not edit this section. It is required for learn.microsoft.com ➟ GitHub issue linking.

ezYakaEagle442 avatar Mar 20 '24 15:03 ezYakaEagle442

@ezYakaEagle442 Thanks for your feedback! We will investigate and update as appropriate.

Naveenommi-MSFT avatar Mar 20 '24 15:03 Naveenommi-MSFT

@ezYakaEagle442 I've delegated this to @shlipsey3, a content author, to review and share their valuable insights.

RamanathanChinnappan-MSFT avatar Mar 22 '24 06:03 RamanathanChinnappan-MSFT

I'm checking with the team and will report back.

shlipsey3 avatar Mar 29 '24 21:03 shlipsey3

The intent of this article is to delineate the CAs utilized by Azure’s service endpoints. It is provided so customers can anticipate the CAs encountered when establishing connections to Azure resources. This list does not, however, represent the CAs universally trusted on Azure VMs or by Azure services for validation. So this list won't match the trust anchors provided on Azure VMs or other hosted services.

Sorry for any confusion - we're going to update to hopefully provide a clarification.

shlipsey3 avatar Apr 19 '24 17:04 shlipsey3