SUMMARY
On September 22, 2025, between 03:59 UTC (12:59 PT) to 12:44 UTC (09:44 PT), Inbound email processing failed for customers due to expired TLS certificates on mail pods (Pods 13, 15, and 27). Customers encountered "Certificate Expired or Invalid" errors, especially when using Outlook. We received 29 tickets pertaining to this incident.
Timeline
September 22, 2025 07:13 UTC | 12:15 AM PT
We have identified that some customers have been experiencing email processing issues via Support. Customers are encountering "Certificate Expired or invalid" error messages.
Our engineers are actively investigating this issue. Updates will be provided as soon as it becomes available.
We appreciate your understanding as we work to resolve this issue.
September 22, 2025 11:40 UTC | 04:40 AM PT
We are currently aware that some customers are encountering a "Certificate Expired or Invalid" error when accessing their Outlook application. Our engineering team has identified the root cause and is actively working on a resolution. We apologize for the inconvenience and appreciate your patience as we address this issue. We will provide updates as they become available.
September 22, 2025 14:05 UTC | 07:05 AM PT
Our engineering team has addressed the "Certificate Expired or Invalid" error by deploying new certificates across all affected profiles. We kindly ask you to confirm if the issue has been resolved on your side. Should you experience any further problems, please reach out to us so we can assist promptly.
September 22, 2025 15:07 UTC | 08:07 AM PT
We are pleased to inform you that the issue causing the "Certificate Expired or Invalid" error when accessing Outlook has been resolved. We sincerely appreciate your patience as our team worked diligently to address and resolve this matter.
Root Cause Analysis
This incident was caused by a renewed security certificate created in the legacy system before September 21st. However, the updated certificate was not properly synchronized to the current system that retrieves the certificate, resulting in the use of the expired certificate and causing the incident.
Resolution
To fix this issue, Engineering updated the certificate to the latest version and restarted the system across all servers. The team then verified that each server was using the new certificate.
Remediation Items
- Ensure the certificates in the current system automatically synchronize with the latest version from the legacy system.
- Review all applications owned by the team for certificate management issues and confirm automated certificate updates are properly in place.
- Investigate with related teams if recent changes might have disrupted certificate synchronization between systems.
- Set up alerts to notify the team about certificates nearing expiration and take action when necessary.
FOR MORE INFORMATION
For current system status information about Zendesk and specific impacts to your account, visit our system status page. You can follow this article to be notified when our post-mortem report is published. If you have additional questions about this incident, contact Zendesk customer support.