On February 12th, 2022 at 9AM PT, we will be renewing a certificate used for api.amplitude.com and analytics.amplitude.com domains. We are only updating our end-entity certificate without any changes to our intermediate or root certificates. For the vast majority of situations, we do not expect any impact with sending data to Amplitude or using Amplitude Analytics.
How do I know if I’m impacted?
To understand if you are impacted, please reach out to your team responsible for your Amplitude implementation (e.g. IT, Engineering, team who handles the Amplitude SDK) and send them the information present in this post.
Have your team review the following information and if you answer yes to either of the two points below, then you are impacted.
- Your systems trusts only the current Amplitude end-entity certificate that is expiring on February 13th, 2022
- Your systems pin the entire certificate chain
The above scenarios are very uncommon and most users will not require action from this change.
Additionally, you are not impacted and no action is required if you answer yes to any of the following:
- Amplitude SDKs are used to send data to Amplitude
- An integration is used to send data to Amplitude
- SSL Pinning is not used at all
What should I do if I am impacted?
Please respond to this community post and a Support team member will reach out to provide you our new end-entity certificate before we replace it
If you do not take the necessary steps, you may be unable to log into Amplitude Analytics if your SSO implementation relies on our old end-entity certificate or send data to api.amplitude.com if you pin the entire certificate chain
Once again, the team that handles the implementation of Amplitude should be sent the following information and they will be able to provide you with an overview of whether you are impacted or not.
If you have any questions, please submit any questions within this Amplitude Community post and our Support team will be able to provide guidance.