Microsoft Windows Azure Cloud Fails As SSL Certificate Expires

amazon web services

Microsoft will refund users for Azure Screen Of Death caused by expired SSL certificate

The Microsoft Windows Azure cloud suffered a a major outage, when an SSL security certificate for Azure Storage expired, breaking business applications, and Microsoft’s own Xbox Live, for twelve hours on Friday.

The company has offered a refund (as specified in service level agreements) to those affected, but has not yet explained how it allowed a certificate to expire, which is needed for secure access to data stored on the Azure cloud. The incident is an uncanny reminder of the failure caused one year ago when Windows Azure failed to take account of the extra Leap Year day in February, and has had commentators jaws dropping.

Adrienne Hall Microsoft Trustworthy Computing square

Windows Azure Cloud Of Death

“On Friday, February 22, Windows Azure Storage was affected by an expired certificate,” said Adrienne Hall, general manager, Microsoft Trustworthy Computing (pictured). “We have completed the restoration and all services are back online. For more information please go to the Service Dashboard.”

Anyone storing critical data on a cloud service should be using SSL (secure sockets layer) to access that data, and when this failed, critical applications trying to use Azure Storage failed.

Anyone storing critical data on a cloud service should be using SSL (secure sockets layer) to access that data, and when this failed, critical applications trying to use Azure Storage failed.

windows azure expired certificateDiscussion on the Windows Azure Forums quickly identified the problem  and produced evidence in the form of a screenshot (shown here). The most obvious temporary fix was to switch off the secure protocol HTTPS, and use HTTP, but users running real business data on their Azure cloud instances might have been reluctant to do that.

Anger quickly swelled, with commentators lambasting Microsoft for a “trivial” error. “This is quite a stupid mistake,” said analyst Clive Longbottom of QuoCirca. “All the technology was working – they just forgot to pay the bill for a certificate.”

This kind of error is very easy to make, but this does not let Microsoft off the hook, commentators said, “It does happen to private sites as well – regularly,” commented Longbottom.

Last year’s embarassing Leap Year error also hit Windows Azure’s certificates, and Microsoft did – eventually – publish a very full explanation of how the mistake was made.

Check out some more Tech Failures – try our quiz!