check before: 2022-05-23
Product:
Microsoft 365 Apps
Platform:
World tenant, Online
Status:
Change type:
Admin impact
Links:
Details:
The Microsoft Root Certificate Program supports the distribution of root certificates, enabling customers to trust Windows products. As was previously announced in March 2022, the United States Federal PKI team formally requested the removal of the "Federal Common Policy" root certificate, also known as the "G1" root certificate, from the Microsoft Trusted Root Program.
When will this happen:
On May 24, the "G1" root certificate will be removed by an out-of-band update. Action is required before this date on environments which presently use this certificate.
Change Category:
XXXXXXX ... free basic plan only
Scope:
XXXXXXX ... free basic plan only
Release Phase:
Created:
2022-05-10
updated:
2022-08-27
Task Type
XXXXXXX ... free basic plan only
Docu to Check
XXXXXXX ... free basic plan only
MS How does it affect me
XXXXXXX ... free basic plan only
MS Preperations
XXXXXXX ... free basic plan only
MS Urgency
XXXXXXX ... free basic plan only
MS workload name
XXXXXXX ... free basic plan only
** AI generated content. This information is not reliable.
the free basic plan is required to see all details. Sign up here
change history
| Date | Property | old | new |
| 2022-09-15 | MC prepare | Before May 24, the "G2" root certificate must be implemented on environments that require the change. There are multiple ways to deploy the root store to enterprise devices.
Carefully review the documentation in the Additional information section below, which provides details on the changes taking place along with detailed migration instructions. Additional information: Removal of the U.S. Federal Common Policy CA certificate from the Microsoft trusted root | Microsoft Docs: Main article discussing the removal in detail, potential issues, steps to avoid issues, and troubleshoot and analysis guidance Migrate to the Federal Common Policy CA G2 | FICAM Playbooks: Instructions to manually download and migrate to the "G2" root certificate Obtain and verify a copy of the Federal Common Policy CA G2 certificate | FICAM Playbooks: Details on downloading and installing the "G2" root certificate on Windows workgroup, member, and domain controller computers Distribute the certificate to operating systems | FICAM Playbooks: Guidance to deploy the root store to enterprise devices (see the "Microsoft Solutions" section) Program Requirements - Microsoft Trusted Root Program | Microsoft Docs: Introduction to the Trusted Root Program, as well as general and technical requirements ps://docs.microsoft.com/security/trusted-root/program-requirem ps://docs.microsoft.com/troubleshoot/windows-server/windows-security/microsoft-trusted-root-store-removal-of-us-federal-common-policy ps://playbooks.idmanagement.gov/fpki/common/distribute-os/ ps://playbooks.idmanagement.gov/fpki/common/migrate/ ps://playbooks.idmanagement.gov/fpki/common/obtain-and-verify ps://www.idmanagement.gov/ | Before May 24, the "G2" root certificate must be implemented on environments that require the change. There are multiple ways to deploy the root store to enterprise devices.
Carefully review the documentation in the Additional information section below, which provides details on the changes taking place along with detailed migration instructions. Additional information: Removal of the U.S. Federal Common Policy CA certificate from the Microsoft trusted root | Microsoft Docs: Main article discussing the removal in detail, potential issues, steps to avoid issues, and troubleshoot and analysis guidance Migrate to the Federal Common Policy CA G2 | FICAM Playbooks: Instructions to manually download and migrate to the "G2" root certificate Obtain and verify a copy of the Federal Common Policy CA G2 certificate | FICAM Playbooks: Details on downloading and installing the "G2" root certificate on Windows workgroup, member, and domain controller computers Distribute the certificate to operating systems | FICAM Playbooks: Guidance to deploy the root store to enterprise devices (see the "Microsoft Solutions" section) Program Requirements - Microsoft Trusted Root Program | Microsoft Docs: Introduction to the Trusted Root Program, as well as general and technical requirements https://docs.microsoft.com/security/trusted-root/program-requirements https://docs.microsoft.com/troubleshoot/windows-server/windows-security/microsoft-trusted-root-store-removal-of-us-federal-common-policy https://playbooks.idmanagement.gov/fpki/common/distribute-os/ https://playbooks.idmanagement.gov/fpki/common/migrate/ https://playbooks.idmanagement.gov/fpki/common/obtain-and-verify https://www.idmanagement.gov/ |
| 2022-08-27 | MC prepare | Before May 24, the "G2" root certificate must be implemented on environments that require the change. There are multiple ways to deploy the root store to enterprise devices.
Carefully review the documentation in the Additional information section below, which provides details on the changes taking place along with detailed migration instructions. Additional information: Removal of the U.S. Federal Common Policy CA certificate from the Microsoft trusted root | Microsoft Docs: Main article discussing the removal in detail, potential issues, steps to avoid issues, and troubleshoot and analysis guidance Migrate to the Federal Common Policy CA G2 | FICAM Playbooks: Instructions to manually download and migrate to the "G2" root certificate Obtain and verify a copy of the Federal Common Policy CA G2 certificate | FICAM Playbooks: Details on downloading and installing the "G2" root certificate on Windows workgroup, member, and domain controller computers Distribute the certificate to operating systems | FICAM Playbooks: Guidance to deploy the root store to enterprise devices (see the "Microsoft Solutions" section) Program Requirements - Microsoft Trusted Root Program | Microsoft Docs: Introduction to the Trusted Root Program, as well as general and technical requirements https://docs.microsoft.com/security/trusted-root/program-requirements https://docs.microsoft.com/troubleshoot/windows-server/windows-security/microsoft-trusted-root-store-removal-of-us-federal-common-policy https://playbooks.idmanagement.gov/fpki/common/distribute-os/ https://playbooks.idmanagement.gov/fpki/common/migrate/ https://playbooks.idmanagement.gov/fpki/common/obtain-and-verify https://www.idmanagement.gov/ | Before May 24, the "G2" root certificate must be implemented on environments that require the change. There are multiple ways to deploy the root store to enterprise devices.
Carefully review the documentation in the Additional information section below, which provides details on the changes taking place along with detailed migration instructions. Additional information: Removal of the U.S. Federal Common Policy CA certificate from the Microsoft trusted root | Microsoft Docs: Main article discussing the removal in detail, potential issues, steps to avoid issues, and troubleshoot and analysis guidance Migrate to the Federal Common Policy CA G2 | FICAM Playbooks: Instructions to manually download and migrate to the "G2" root certificate Obtain and verify a copy of the Federal Common Policy CA G2 certificate | FICAM Playbooks: Details on downloading and installing the "G2" root certificate on Windows workgroup, member, and domain controller computers Distribute the certificate to operating systems | FICAM Playbooks: Guidance to deploy the root store to enterprise devices (see the "Microsoft Solutions" section) Program Requirements - Microsoft Trusted Root Program | Microsoft Docs: Introduction to the Trusted Root Program, as well as general and technical requirements ps://docs.microsoft.com/security/trusted-root/program-requirem ps://docs.microsoft.com/troubleshoot/windows-server/windows-security/microsoft-trusted-root-store-removal-of-us-federal-common-policy ps://playbooks.idmanagement.gov/fpki/common/distribute-os/ ps://playbooks.idmanagement.gov/fpki/common/migrate/ ps://playbooks.idmanagement.gov/fpki/common/obtain-and-verify ps://www.idmanagement.gov/ |
Last updated 1 year ago ago
