This is a notification that there will be a maintenance to rotate SSL certificates for the following endpoints on Thursday August 20th between 5:00pm and 7:00pm PT:
This maintenance is being performed to remove SHA-1 signed certificates from our endpoints.
Action will be required on your part prior to August 20th, 2020 if your integration certificate store does not trust the appropriate new root and intermediate certificate chain (mentioned below). Please work with your technology teams to determine what actions you must take to ensure you do not experience any disruption in Zuora services.
When will these changes take effect on the Zuora side?
How will this change impact me?
Your integration will stop functioning if your systems do not trust the correct root and intermediate certificate.
* Important Note: Some applications require a restart even if the trusted root store is in place in order to use the new certificate for SSL connections.
What action must I take?
If the Root and Intermediate Certificates are not trusted by your applications or libraries, you must complete the following actions before the scheduled maintenance to avoid any potential service disruption. Please work with your technology teams to determine what actions you must take to trust this CA.
Download and install the Appropriate Root Certificate Bundle
If your integration does not trust the Comodo Root Certificates, then the certificate must be imported into your applications trusted CA store.
Follow these steps to download the Comodo Root Certificates:
We have provided basic instructions to load the the root and intermediate certificates for Java and .NET. For other applications, please follow up with your technology teams to determine what actions must be taken.
Run the following command from your application server(s) that make connections to Zuora systems to import root and intermediate certificates into your keystore. Note, text in blue must be replaced based on your system specifics.
For .NET on Windows 2008/2012 R2 & Windows 2016:
Click here for instructions on adding certificates to Trusted Certification Authorities store for local computer
What happens if I take no action?
If the Root Certificate is not trusted by your integration, and you take no action, your systems will not be able to connect to the Zuora Production endpoint after this change is implemented. Please discuss this change with your technology teams to ensure you take the appropriate actions.
You are encouraged to register to the Zuora Community in order to receive the latest update on this topic.
Thank you for your support as it allows us to maintain the highest security standards at Zuora ensuring the safety of your data.
Zuora Support Services & Community
What about api.zuora.com endpoint?
This maintenance has been completed.
The endpoints mentioned above are the only affected endpoints.