Yeah, this really pisses me off. We also use Cloudflare and can't use ASMC because of this. The ridiculous thing is that they've already verified my custom domains that I want the certs for. No reason they couldn't use a TXT record or HTTP validation method either.
App Service Managed Certs alternative validation method
We would like to use App Service Managed Certs for our webapps, but they reside behind Cloudflare. Because of this, ASMC will not validate because the CNAME doesn't point to azurewebsites.net. Is there any plan to add alternative validation methods? Checking if the custom domain in the web app is already validated is used to validate paid App Service Certificate purchases now. ASMC should be able to do this as well I would think.
3 answers
Sort by: Newest
-
-
Mr. L 11 Reputation points
2021-04-06T16:14:47.667+00:00 Yes this still looks to be a problem.
The actual response should be:
"The only way to validate an App Service Managed Certs for your webapps is if your custom domain has a CNAME pointed to your <app-name>.azurewebsites.net and be PUBLICLY RESOLVABLE to the CNAME record" aka no record based masking.
It seems a bit stupid for this tbh, considering other providers use HTTP/HTTPS validation methods to ensure the traffic sent, is received by the service.
-
Grmacjon-MSFT 16,446 Reputation points
2021-01-12T21:18:16.733+00:00 Hi @Joe H ,
It looks likes you asked this question a couple of months ago on this post. Nothing has changed with the validation process. The only way to validate an App Service Managed Certs for your webapps is if your custom domain has a CNAME pointed to your <app-name>.azurewebsites.net.
Thanks,
Grace