We use default SSL certificates in Azure, so we do not have to do any maintenance for them. We do not use the paid SSL cert service, nor the custom SSL certs.
A consumer of our webapp in Azure App Services caches the Azure SSL certificate. Whenever Microsoft changes that certificate, their connection stops working.
This has already happened twice - Fall of 2019, Fall of 2020. Both times we got zero notification of the change from Microsoft, which resulted in a service disruption.
How can we get an advanced notification of these default certs changing? Would like the date of the change and the cert files.
Salesforce.com, for example, has a "group" where they post such changes months ahead, and provide a zip file with the new certs. Can Microsoft do something like that?