@SelamiSuba-6021 Welcome to Microsoft Q&A Forum, Thank you for posting your query here!
What service is connecting to Azure storage service - is it through the Azure VM or your applications? This change does not impact the root CA certificates which are not changing. If you are pinning only against the Root CA, no action is should be required. Pinning sub CAs is very rare and almost all applications if they choose to use cert pinning, pin the root CA only.
This change should not impact Azure portal and how it connects to storage. For more information about how to address cert pinning in your own application, you can refer to https://learn.microsoft.com/en-us/azure/security/fundamentals/certificate-pinning#how-to-address-certificate-pinning-in-your-application
Typically, an application contains a list of authorized certificates or properties of certificates including Subject Distinguished Names, thumbprints, serial numbers, and public keys. Applications may pin against individual leaf or end-entity certificates, subordinate CA certificates, or even Root CA certificates.
You need to verify with your application developer, if the application or the networking infrastructure (check with your network team) has pinned to any of the certificates listed below.
If your application explicitly specifies a list of acceptable CAs, you may periodically need to update pinned certificates when Certificate Authorities change or expire. To detect certificate pinning, we recommend the taking the following steps:
- If you have the application developer, search your source code for any of the following references for the CA that is changing or expiring. If there's a match, update the application to include the missing CAs.
- Certificate thumbprints
- Subject Distinguished Names
- Common Names
- Serial numbers
- Public keys
- Other certificate properties
- If you have an application that integrates with Azure APIs or other Azure services and you're unsure if it uses certificate pinning, check with the application vendor.
Please let us know if you have any further queries. I’m happy to assist you further.
Please do not forget to "Accept the answer” and “up-vote” wherever the information provided helps you, this can be beneficial to other community members