[Action Required] Security Change to Update SSL Certificate for Production (December 2015)
To maintain alignment with security best practices and the industry-wide shift to use more secure hashing algorithms for HTTPS certificates, Zuora will be replacing the current HTTPS certificates, which are signed with the SHA-1 hash algorithm, with new certificates signed with the SHA-256 hash algorithm. You will be affected by this change if your certificate store does not contain the root and intermediate certificate specified below. Please work with your technical team to determine if this change will affect you.
Action is required on your part prior to December 3rd 2015 to ensure you do not experience any disruption in service.
When will these changes take effect?
The change will occur on December 3rd 2015 from 9:00 PM to 11:00 PM Pacific Time. This is a zero downtime deployment, therefore there is no expected service interruption.
What action must I take?
Ensure the keystore used by your application includes and trusts root and intermediate certificates listed below. The full certificate chain has been attached as a part of this forum message for ease of access.
Root Certificate Subject CN - VeriSign Class 3 Public Primary Certification Authority - G5
Intermediate Certificate Subject CN - Symantec Class 3 EV SSL CA - G3
What happens if I take no action?
If you take no action, your systems may be unable to connect to the Zuora’s Production environment after this change is implemented. Please discuss these changes with your systems administrators to ensure you take the appropriate actions.
Zuora Global Support is readily available to answer any additional questions you may have. Please contact us at +1-650-779-4993 or at firstname.lastname@example.org.