Jamf Security Cloud - secure DNS services are not working due to a wrong certificate

Update timeline

1. investigating Jun 15, 2025, 03:02 AM UTC

   We are currently investigating this issue.

2. identified Jun 15, 2025, 03:17 AM UTC

   The issue has been identified and a fix is being implemented.

3. monitoring Jun 15, 2025, 04:18 AM UTC

   A fix has been implemented and we are monitoring the results.

4. resolved Jun 15, 2025, 04:31 AM UTC

   This incident has been resolved.

5. postmortem Jun 16, 2025, 09:28 PM UTC

   **June 15, 2025 - Jamf SecureDNS Outage RCA** **Summary and Timeline** On June 15, 2025 \(00:00 UTC\), devices using SecureDNS lost internet access due to an outage affecting Web Threat Prevention and Content Filtering capabilities within Jamf Safe Internet, Jamf Protect, and Jamf Trust services.The root cause of the incident was an expired SSL certificate, leading to loss of security features or loss of internet connectivity for end user devices. Although the certificate in question was renewed on May 22nd, 2025, the process used to deploy this certificate had an error, which resulted in incomplete distribution across our global cloud environment.After receiving customer reports of the outage, we investigated, identified the issue and impacted services, and then manually deployed the new certificate to restore the service. We are currently conducting a thorough internal review of the outage and will work to improve the certificate management process to minimize the risk of a repeat occurrence. **Incident Timeline \(UTC\)** * June 15, 2025 at 00:00: The SSL certificate expires * June 15, 2025 at ~00:25 : Troubleshooting efforts begin * June 15, 2025 at 01:45: Root cause identified * June 15, 2025 at 02:30: Teams locate all services requiring updated certificate * June 15, 2025 at 04:15: New certificate is deployed to US regions * June 15, 2025 at 04:30: Jamf verifies that the issue has been resolved across all regions Service disruption duration: 270 minutes **Impact Assessment** Users Affected: All end user devices with Encrypted DNS Gateway configured, lost internet access. Services Impacted: SecureDNS **Remediation Items & Next Steps** We are currently conducting a thorough internal investigation of the events that led to the outage and identifying any gaps that we will need to address to minimize the risk of such occurrences. Our key areas of focus include: **1. Certificate management reviews –** Ensure certificate documentation is up to date and include explicit verification steps for each service component. Enhance existing certificate expiration monitoring. **2. Monitoring** – review and enhance monitoring and alerting of anomalies in traffic patterns. Add in synthetic monitoring. **3. Communications** – Refine internal and customer-facing workflows to ensure rapid response and clarity during incidents. 4\. Evaluate adding additional critical domains to **on-device content filtering safe list.** _For additional questions and needs, please reach out to your customer success manager or log a support ticket at_ [_support.jamf.com_](http://support.jamf.com/)_._