Azure Site Recovery - TLS Certificate Changes



Microsoft is updating Azure services to use Transport Layer Security (TLS) certificates from a different set of Root Certificate Authorities (CAs). We're making this change because the current CA certificates don't comply with one of the CA/Browser Forum Baseline requirements. Azure Site Recovery service endpoints will be updated in a phased transition across all public regions beginning on October 16, 2020, and completing by October 26, 2020.

# Will this change affect me?

This change will affect connectivity from on-premises configuration server/process servers (for physical/VMware VM replication), and from Hyper-V host servers/System Center VMM servers, to the Azure Site Recovery service.

After the update, replication won't work as expected in the following scenarios:

* If you're connecting to Site Recovery using Azure Private Links.
* If you have an environment where firewall rules only allow outbound calls to specific Certificate Revocation List (CRL) download locations, and/or to Online Certificate Status Protocol (OCSP) verification locations.
  * Connectivity is needed to these CRL and OCSP URLs:

# What should I do?

* If your environment allows access to the URLs above, no action is needed.
* If you already completed the required actions based on prior instructions, no further action is needed.
* If your environment doesn't allow access to the URLs, consider allowing temporary access. This enables the Site Recovery configuration server/process server (VMware/physical machine replication), or Hyper-V host servers/VMM servers, to automatically update certificates once the update is available in your region. After the update you can turn off access to the URLs.
* If your environment doesn't allow access and you don't want to enable temporary access, then follow these steps to manually install certificates on the relevant servers.

You don't need to do anything on replicated machines.