Share via


SSL Cert Renewal Issues Solved On Azure Service Bus and Relay

To our Azure Relay and Azure Service Bus customers,

Some of you might have seen the below error whenever the Relay and Service Bus service updated its SSL certificate chain.

Unhandled Exception: System.IdentityModel.Tokens.SecurityTokenValidationException: The X.509 certificate CN=servicebus.windows.net is not in the trusted people store. The X.509 certificate CN=servicebus.windows.net chain building failed. The certificate that was used has a trust chain that cannot be verified. Replace the certificate or change the certificateValidationMode. A certificate chain could not be built to a trusted root authority.

What this meant was that you could not obtain the intermediate certificate either because you were in a restrictive environment where access to the intermediate cert URL was blocked or you had some connectivity issues.

We have good news though! We have a fix in Nuget package 4.1.7 which resolves the issue for Relay and Service Bus.

We hope you continue to update to the latest packages as this is a great way to avoid issues from cert changes in the future.

Happy Messaging!

--Relay Out--