Preventing your own Azure networking flop

Preventing your own Azure networking flop

Summary: Microsoft had the embarrassment of seeing its Azure flagship cloud storage system crash for 12 hours on Friday because it forgot to renew an SSL certificate. Before laughing yourself silly, are you sure that a similar disaster couldn't happen to your internet presence?


Oh, the shame of it all! Microsoft's worldwide cloud service Azure had a critical failure — and for about 12 hours, the service was down. The cause? An expired Secure Socket Layer (SSL) certificate.

See what can happen if you forget to renew one lousy SSL certificate? A global cloud failure. (Image: ZDNet)

First, this was an incredibly stupid mistake. Sure, everyone can make blunders, but it's hard to take Microsoft's cloud offerings seriously after a misstep like this one. What makes this fiasco especially hard to take is that this is the second time Microsoft Azure has tripped over an SSL certificate problem. Last year, Microsoft had an even worse SSL-certificate-related Azure meltdown. That one was traced back to an SSL certificate that expired at the end of February — which Microsoft had renewed as of February 28, even though 2012 was a leap year and thus, February's last day was February 29.

This one though? It wasn't some programmer forgetting about leap day. It was just a failure to make sure that a vital SSL certificate had been kept up to date. Idiots. The certificate expired and suddenly, every SSL connection to Azure storage was blocked. That in turn lead to one Azure service after another failing in a cascading avalanche of disaster.

This was more than just a Microsoft foul-up. It's also a painful reminder that for all our talk about how resilient the internet and clouds can be, that there are several single points of failure that can take down a world-spanning cloud service.

So what can you do about it? Well, for starters, you shouldn't trust all your IT eggs in one basket. In particular, after two major foul-ups caused by trivial technology administration mistakes, I don't see how you can trust Microsoft with any mission-critical cloud work.

That said, all cloud-services fail from time to time. Amazon and Google's track records may be better, but they've had their share of failures as well. The day may come when you can have perfect trust in the cloud, but that day isn't here yet. If you have a business of any size, you still need the belt and suspenders of at least local backups of your critical data.

Moving from the cloud to your business, do you know when your SSL certificates are due for renewal? You can't simply automatically renew them, or to be more exact, you can, but it's a security risk. You need to have someone in your organization be responsible for tracking your SSL certificates. If you don't, well don't blame me if your on-site shopping cart starts failing one day.

Another blunder that keeps getting made time after time is that companies forget to renew their domain name registration. So it is that major companies, such as Australian business telecommunication firm AAPT, can suffer the major business embarrassment of having its website and email suddenly fail.

Just like SSL certificates, the fix is simply to make sure that someone, in some branch in your organization is responsible for maintaining your domain registration, and that the bill is paid. That's all.

It's not that hard and it doesn't cost much. Domain names can be had for under $5 a year and SSL certificates from a reputable SSL certificate provider can be had for as little as $31 annually.

There is no reason why Microsoft, or your company, should fall prey to an SSL or domain failure. All you need to do is keep track of both and pay their bills out of petty cash. It's not that hard.

Related Stories:

Topics: Storage, Cloud, IT Priorities, Microsoft, Networking, IT Policies

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.


Log in or register to join the discussion
  • Idiots?

    Really? They build arguably the best, most capable cloud platform on earth and //they're// the idiots? Mistakes happen. Even amongst very, very smart people, which the developers of Azure most certainly are.

    You, on the other hand, are like a broken //digital// clock. You're not even right occasionally by accident.
    x I'm tc
    • You have to look at who is calling them idiots...

      Kind of says a lot. Love this one "Amazon and Google's track records may be better but they've had their share of failures as well." They all have had outages, bottom line. SJVN childish bitterness just likes to point out one...
    • Either of the two

      "Really? They build arguably the best, most capable cloud platform on earth and //they're// the idiots? "
      Apparently, either MS' incompetence is unstoppable or their "most capable service" is not able to withstand their own stupidity, or both.
      Yeah, MS is not the only source of incompetence. This is a plague really nowadays (MS is one big contributor though). The major idiotic component of all that is the MS' irresistible taste for dirty and extravagant ways to spend money: FUD's paid reports, anti-linux campaigns and all those costly "droidrage", "scroogled" PR idiocies. What a bummer, what a ballmer!
      Instead of just hiring a few competent engineers they
      keep/hire lawyers and brainless managers.
      Quod Erat Demonstrandum
      • Looks like someone

        forgot their medication again. Tsk, tsk.
        • is it

          you, ScanBlack? Anti-depression pills? Go take them, please.
    • yes, idiots!

      The most serious platform, blah, blah...

      What is the world you live in? In my world, Microsoft does mediocre software and apparently mediocre services. With their insistence to go "all in" hardware manufacturing, they will also prove they are mediocre with hardware too. No surprises here. You can't spread thin and be "me too" everywhere and expect to be any good.

      Watching SSL certificate expiration is beyond trivial. Any "internet kid" knows how to do it.
      • Microsoft stinks; they're failing; they're going down;

        they don't know what they're doing; they're dying; Ballmer is a chimp, and a brainless one at that; I never use MS products or software, and nobody should have to; BSOD, again!; MS has no innovations; they just copy Apple; they just copy Google; no new ideas; MS just want your money; MS cheats; MS hasn't got a prayer; Windoze is bloated; Windows 8 will fail; Surface tablets have already failed; Metro is gay; WP8 has only sold 10 in the first quarter; MS won't release the figures because they don't want to be embarrassed; who needs MS; go with Linux, or go with Apple; or go with Google; MS spies on your e-mail and your browsing; MS is just following the leaders; MS will be extinct soon; MS fanbois/MS shills; etc

        Did I forget any of your anti-MS rants? I know I did, because, you have thousands of them.

        So, why don't you collect them all in one nice and concise paragraph, and then just copy and paste them in every discussion which is about Microsoft, or just happens to mention Microsoft. That way, you can save a lot of time having to recall any of your rants, and you'll also save all of the other readers a lot of time, since they already have heard all of your rants and anti-MS bile.
        • Or...

          ...people can simply state their opinions without resorting to cliches.
          John L. Ries
          • Opinions are one thing, the rants and stupidy from danbi are something

            else completely.
  • Talking about Idiots....

    Who is the biggest Idiot blogger in Zdnet or any other tech-site for that matter? it’s our own Zdnet super star SJVN !!!

    This super duper Moron is saying that people at MS are idiots..... BHAHAHAHAHA...

    SJVN, nobody is believing your FUD about MS
    • He's less of an idiot than

      You work it out. Perhaps you won't.
  • seriously

    Gmail down for hours blocking emails for companies and far far more users....

    Gmail hacked by China numerous times....

    Google employees caught reading emails....

    3 things that I would say are far worse than this... how about you report on them?
    • I think

      but I'm not sure, Zdnet is about current news. To go back over old stories (2010?) just to avoid bad PR for certain firms, would probably lose readership.
      Little Old Man
      • ..

        This is nothing to do with zdnet, its to do with this "writer" who doesn't do his job properly, his biased articles probably put people off coming to this site.....
        • F#$k off, you guys

          Go back under that bridge to find the sobbing Microsoft there. After this epic fail and another manifestation of Microsoft's incompetence, have the audacity talking about SJVN? You are the ones to keep quiet now.
          • Where as he when Amazon went down

            or when Google went down etc...? maybe you need to do a little more research 1st little boy.
          • I dare to remind

            you that it wasn't a *schoolboy's error" then, the second in a row.
  • Didn't your husband Google an idiot a while ago as per your terms

    for this,!topic/chrome/1alZsHEeprc
    Ram U
    • I am so sorry

      Poor Microsoft! What a bummer... I mean ballmer!
  • Preventing your own Azure networking flop

    Big deal, a mistake was made and SJVN has to blow it out of proportion and even resorted to childish name calling. Very unprofessional of him and another reason why no one takes him seriously. This incident is not going to stop people from continuing to use Microsoft Azure, the most popular cloud service available right now. I'm sure Microsoft has put a new policy in place to prevent these types of things from happening again.