Yesterday’s multi-hour Teams outage was due to an expired SSL certificate

Expand / This is the face of SSL certificate renewal failure.
Microsoft

reader remarks

8
with 7 posters taking part

The Other Day, Microsoft Teams– a mix immediate messaging, partnership, and chat plan taking on Slack and the brand-new version of Google Hangouts–was unattainable for numerous hours, from around 8: 30 am to 11: 30 am ET.

By 10: 30 am, Microsoft acknowledged on Twitter that the outage was the result of an expired SSLcertificate Roughly an hour later on, they had actually protected a replacement certificate and started releasing it in production, with service commonly brought back by Monday afternoon.

This isn’t Microsoft’s first significant public humiliation due to a service renewal failure. The business was accountable for among the most popular “oops, we accidentally the whole domain” occurrences in 1999, when it enabled the domain computer system registry for passport.com to end. The domain was accountable for authentication for a range of Microsoft services, consisting of Hotmail.com and Microsoft Messenger.

Linux specialist Michael Chaney paid the renewal cost for Passport.com on Christmas day 1999, bring back gain access to to Microsoft’s Hotmail totally free email service.
Michael Chaney

Soon after Passport.com’s expiration made the front page at Slashdot, a Hotmail user who states he “wanted to see what would happen” paid the $35 renewal cost himself, bring back service. Microsoft later on repaid the do-gooder, Linux specialist Michael Chaney, with a $500 examine that he in turn auctioned off on eBay for $7,100, contributing the earnings to charity.

A couple of years later on, Microsoft dropped the ball on domain registration once again, enabling hotmail.co.uk to go dark in 2003– and this time, the private person didn’t simply pay the cost, they really purchased the domain. Gladly, the confidential person who bought the expired domain did not alter its DNS records and moved it back to Microsoft soon later.

The business has actually not yet made a postmortem analysis of the other day’s Teams failure offered. A lot of reports have actually defined it as someone forgetting to restore the certificate, however it’s similarly possible that an automated renewal system stopped working and no-one at the business identified the problem till after the service was commonly reported as down.

Expand / Let’s Encrypt provides anyone who desires one a totally free SSL certificate, helpful for 90 days. Certbot re-deploys and restores that totally free certificate every 30 days.
Jim Salter

We won’ t presume to inform Microsoft how to run a 20 million user service, however smaller sized operations can quickly prevent comparable concerns– the EFF’s Certbot automates renewal of totally free Let’s Encrypt SSL certificates, and the Nagios tracking system consists of a plugin which immediately evaluates released SSL certificates and cautions its operator if they are approaching their expiration date.

Follow AsumeTech on

More From Category

More Stories Today

Leave a Reply