Enterprise cloud vendor ServiceNow faced widespread customer frustration after a root certificate error disrupted services for over 600 organizations.
The issue began early Monday morning when a key SSL certificate expired and affected the company’s Management, Instrumentation, and Discovery (MID) Server, leaving users unable to integrate applications, access updates, and manage critical operations.
The company notified its customers in an advisory admitting the issue.
“ServiceNow has identified an expired SSL Root certificate that is affecting MID Server and instance-to-instance connectivity,” ServiceNow said in the advisory.
According to the note, the expired MID Server Root G2 SSL certificate caused connectivity failures across multiple services, including Orchestration, Discovery, and AI-powered functions such as Virtual Agent. The advisory noted that instance upgrades, update set retrievals, and instance-to-instance communications were among the affected functionalities.
The company in the advisory has confirmed that 616 customers were affected and promised that a fix is being rolled out to resolve the problem.
“This issue may be impacting your Integrations, Orchestration, Discovery, and MID Server Script Executions that rely on MID Servers or instance-instance communication,” the advisory read.
As part of its “next steps” to address the issue, the company stated that “ServiceNow is continuing our preparation work to roll out the SSL Root certificate chain and remove the expired certificate used by your hosted instance.”
Customer frustration and delayed communication
ServiceNow is leveraged by over 80% of Fortune 500 companies, with a customer retention rate of 98-99%, said Sangamesh Kadagad, practice director at Everest Group. “As a critical platform for many enterprises, expectations for its performance and security are very high. However, recent incidents, including a knowledge base data breach and SSL root certificate vulnerabilities, have raised concerns within its user base.”
While the company has been working on a resolution, the outage sparked frustration among customers, many of whom voiced their displeasure online.
“It would be nice if they actually notified all impacted customers before I page out several other teams while waiting on ServiceNow to pick up my ticket,” one customer noted on the online forum Reddit. Others reported delays of over 90 minutes before ServiceNow officially linked their cases to the root certificate issue.
Adding to the frustration, some reports suggest that ServiceNow was aware of the impending certificate expiration two weeks prior to the outage, but the job to replace it was mishandled, leading to widespread disruption.
A few other users claimed the issue was not only with MID. “This appears to affect AI search as well,” one more user wrote in the online forum.
A broader challenge for ServiceNow
The certificate blunder comes on the heels of another public relations challenge for ServiceNow. Just last week, the company admitted that some customers’ internal knowledge base (KB) articles could be accessed due to a security issue. ServiceNow pledged to collaborate with affected clients to fix that problem, but the recent certificate error has compounded concerns about the reliability of its services.
A couple of months ago, three critical vulnerabilities in the ServiceNow IT service management platform exposed sensitive information from over 105 organizations including government agencies, data centers, energy providers, and software development firms.
Although outages stemming from certificate issues are not uncommon, the lack of timely communication has amplified user dissatisfaction. The incident has been a setback for the company, which positions itself as a leader in enterprise cloud solutions for managing digital workflows.
As of now, some customers have reported partial service restoration, and ServiceNow continues to work on a complete fix. However, users are calling for improved transparency and more proactive communication to prevent future disruptions of this scale.
For a company managing critical workflows across thousands of global enterprises, reliable system performance and communication are paramount.
“Moving forward, organizations are likely to exercise caution during contract renewals, exploring contingency plans to mitigate potential risks,” Kadagad added. “To maintain trust and ensure continued customer confidence, ServiceNow must take adequate actions and implement security measures to prevent any such occurrence in the future.”
As ServiceNow moves forward, it will need to rebuild customer trust and ensure that similar issues are addressed more swiftly in the future.
Read More from This Article: ServiceNow certificate error disrupts operations for hundreds of organizations
Source: News