How should I know that I am using certificate pinning, for Azure Storage services

Shyam Surapaneni 20 Reputation points
2023-11-30T18:05:49.1566667+00:00

How should I check that I am using certificate pinning, for Azure Storage services.

Azure Blob Storage
Azure Blob Storage
An Azure service that stores unstructured data in the cloud as blobs.
2,616 questions
{count} votes

4 answers

Sort by: Most helpful
  1. JimmySalian-2011 42,066 Reputation points
    2023-11-30T19:18:36.6933333+00:00

    Hi Shyam,

    Please check this page and this is in regards to the current circular by Microsoft to update the trusted root cert? If yes then read this article to understand the details of the Certificate pinning - https://learn.microsoft.com/en-gb/azure/security/fundamentals/certificate-pinning#certificate-pinning-limitations

    Hope this helps.

    JS

    ==

    Please Accept the answer if the information helped you. This will help us and others in the community as well.

    2 people found this answer helpful.
    0 comments No comments

  2. Anand Prakash Yadav 7,780 Reputation points Microsoft Vendor
    2023-12-01T11:59:53.2866667+00:00

    Hello Shyam Surapaneni,

    Thank you for posting your query here!

    Certificate pinning is a security practice that involves associating a specific cryptographic public key with a particular web server. This is done to prevent man-in-the-middle attacks by ensuring that the client only accepts certificates signed by a trusted authority and matching the expected public key or certificate.

    However, please note that traditional certificate pinning may not be directly applicable to Azure Storage services, as they typically rely on HTTPS for secure communication.

    If you mean to detect certificate pinning in your application, you may refer to the following steps:
    https://learn.microsoft.com/en-us/azure/security/fundamentals/certificate-pinning#how-to-address-certificate-pinning-in-your-application

    Please let us know if you have any further queries. I’m happy to assist you further.


    Please do not forget to "Accept the answer” and “up-vote” wherever the information provided helps you, this can be beneficial to other community members.

    1 person found this answer helpful.

  3. Pedro Hermida 5 Reputation points
    2023-12-01T14:49:24.6833333+00:00

    The original question was: "How should I know that I am using certificate pinning, for Azure Storage services". Unless I missed something, all I see is a copy past and a dissertation of what pinning is but not HOW TO KNOW.

    In our case, we are using Synology Hyper Backup to backup data to Azure Storage, and we would really like to know if we are directly, indirectly, knowing or unknowingly, using pinning. So again, HOW TO KNOW.

    1 person found this answer helpful.

  4. Akshay Buche (Infosys Ltd) 20 Reputation points Microsoft Vendor
    2024-01-23T21:17:24.99+00:00

    Hi @Sumarigo-MSFT , couple of weeks back we received an email regarding certificate pinning on Azure storage, in that 3 of our subscriptions are tagged, wanted to understand how those subscriptions were identified and which storages from those subscriptions are impacted due to the certificate pinning and what could be the mitigation action. Could you please help me in understanding more about it. We followed the below article and tried to find out the reference to the certificates in our repo but those are not referred and as per our understanding we don't depend on certificate pinning. https://techcommunity.microsoft.com/t5/azure-storage-blog/azure-storage-tls-changes-intermediate-certificate-renewals/ba-p/3929149#:~:text=prevent%20connection%20interruption).-,How%20to%20check,-If%20your%20client.-,How%20to%20check,-If%20your%20client) Thanks for your support!

    0 comments No comments