|
|
|
|
|
|
by vb-8448
691 days ago
|
|
|
This is what i see for eg for outlook.com: root issuer: CN = DigiCert Global Root CA
OU = www.digicert.com
O = DigiCert Inc
C = US intermediate issuer: CN = DigiCert Global Root CA
OU = www.digicert.com
O = DigiCert Inc
C = US server certificate issuer: CN = DigiCert SHA2 Secure Server CA
O = DigiCert Inc
C = US |
|
|
The end-entity certificates I see for microsoft.com, azure.microsoft.com, portal.azure.com are all issued by:
C = US, O = Microsoft Corporation, CN = Microsoft Azure RSA TLS Issuing CA 0X [where X varies]
In any case, I just analyzed DigiCert's CRLs and it doesn't look like they've done many revocations yet. These are the only CT-logged certs revoked in the last 24 hours with reason code 4 (required when domain validation is done improperly):
https://gist.github.com/AGWA/2d22a1a94ef80ccdb38e3248323f434...
I don't see any Microsoft/Azure domains in that list.