DUO Certificate Authority Bundle Expiration
Answered
I wanted to share this information and see if it will have any impact on Cerberus FTP and if anything needs to be upgraded prior to the certificate expiration.
-
Official comment
Hi Josh,
Thank you for reaching out and sharing this information with us. What I am going to do is to file an internal ticket with our development team to inquire what impacts this will have on Cerberus FTP Server if any. A member of our support team will follow up once we hear back from our development team.
-
Ok, thanks for the update.
0 -
Hello,
Any update on this?
Thanks
0 -
Hello Josh,
Unfortunately, we do not have an update from our engineering team on this quite yet, but I will reach out to ask if there's any new information we can provide.
0 -
Hello All,
Cerberus FTP Server is NOT affected by this issue. Our engineering team investigated and determined that this issue only impacts applications using Duo's official SDK libraries (duo_api_*, duo_universal_*, duo_client_*) that implement certificate pinning. Cerberus FTP Server uses a custom-built Duo integration that relies on standard OpenSSL certificate validation with the system CA trust store, not certificate pinning. Additionally, we built our own Duo Auth API v2 and Universal Prompt (OAuth/OIDC) integration in C++. Our implementation uses standard HTTPS connections via OpenSSL 3.0. The certificate validation is handled by Windows Certificate Store (auto-updated by Windows Update).
1
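The distinction drawn in the answer above (a pinned CA bundle shipped with an integration versus the system trust store) can be checked on any deployment that does pin a bundle. This is an added example, not part of the thread and not Cerberus or Duo code; the function names are hypothetical, the bundle path is whatever PEM file the integration pins, and the certificates it can generate are constructed test data. It requires the openssl CLI.

```bash
#!/bin/sh
# Added example: list certificates in a pinned PEM CA bundle that expire
# within N days. Function names are hypothetical; requires the openssl CLI.

# expiring_in_bundle <bundle.pem> <days>
# Prints one "subject | notAfter" line per certificate expiring within <days>.
expiring_in_bundle() (
  bundle=$1
  secs=$(( $2 * 86400 ))
  tmp=$(mktemp -d) || exit 2
  # Split the bundle: each BEGIN CERTIFICATE marker starts a new file.
  awk -v dir="$tmp" '
    /-----BEGIN CERTIFICATE-----/ { if (out) close(out); n++
                                    out = sprintf("%s/cert%04d.pem", dir, n) }
    out { print > out }
  ' "$bundle"
  for f in "$tmp"/cert*.pem; do
    [ -e "$f" ] || continue
    if ! openssl x509 -in "$f" -noout 2>/dev/null; then
      echo "UNPARSEABLE | $(basename "$f")"
    elif ! openssl x509 -in "$f" -noout -checkend "$secs" >/dev/null; then
      # -checkend exits non-zero when notAfter falls inside the window.
      echo "$(openssl x509 -in "$f" -noout -subject) | $(openssl x509 -in "$f" -noout -enddate)"
    fi
  done
  rm -rf "$tmp"
)

# make_constructed_bundle <out.pem>
# Builds a constructed two-CA bundle: one 10-day and one 3650-day self-signed cert.
make_constructed_bundle() (
  tmp=$(mktemp -d) || exit 2
  for spec in short:10 long:3650; do
    openssl req -x509 -newkey rsa:2048 -nodes -keyout "$tmp/key.pem" \
      -out "$tmp/${spec%%:*}.pem" -days "${spec##*:}" \
      -subj "/CN=constructed-${spec%%:*}-ca" 2>/dev/null || exit 2
  done
  cat "$tmp/short.pem" "$tmp/long.pem" > "$1"
  rm -rf "$tmp"
)

# Usage: sh check_bundle.sh <pinned-bundle.pem> <days>
if [ "$#" -eq 2 ]; then expiring_in_bundle "$1" "$2"; fi
```

An empty result for the chosen window means no certificate in that file expires inside it; an integration that validates against the system trust store has no such file to check.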