Share via

Provision and bind managed certificate to custom domain for azure container apps with az cli fails: certificate does not exist in environment

Riccardo Barbieri 60 Reputation points
2024-07-07T11:59:31.5+00:00

I am trying to provision and then bind a managed certificate to a custom domain for an Azure Container App but I am getting an error.

I used the command 

az containerapp env certificate create -g $RESOURCE_GROUP -n $CONTAINER_APP_ENV_NAME --hostname $CUSTOM_DOMAIN --validation-method CNAME

The certificate is created correctly as I checked both on azure portal and with the command

az containerapp env certificate list -g $RESOURCE_GROUP -n $CONTAINER_APP_ENV_NAME --managed-certificates-only --output tsv

The output is as follows:

With the last command I obtain the name of the certificate and use it with the command

az containerapp hostname bind -g $RESOURCE_GROUP -n $CONTAINER_APP_NAME --hostname $CUSTOM_DOMAIN  --environment $CONTAINER_APP_ENV_NAME --certificate $CERT_NAME --validation-method CNAME

The last command fails with the error: The certificate <cert-name> does not exist in Contaier app envoronment <env_name>.

Am i missing something obvious? Can someon help me with this error?

Azure Container Apps
Azure Container Apps
An Azure service that provides a general-purpose, serverless container platform.
442 questions
Accepted answer
  1. navba-MSFT 24,905 Reputation points Microsoft Employee
    2024-07-10T07:38:46.8166667+00:00

    @Riccardo Barbieri Apologies for the late reply. Welcome to Microsoft Q&A Forum, Thank you for posting your query here!

    .

    To identify the cause of the issue, you should try running the same command with the --debug switch and check which REST API was failing and its underlying error traceback:

    .

    Action Plan:

    You can isolate the issue by following the below steps in order and check if that helps:

    .

    Step 1:

    The below CLI command should create a managed certificate and it will return the resource-id of the certificate.

    az containerapp env certificate create

    .

    Step 2:

    Then , try using the resource-id of the certificate to bind to hostname by running below command:

    az containerapp hostname bind

    .

    Hope this helps. If you have any follow-up questions, please let me know. I would be happy to help.

    **

    Please do not forget to "Accept the answer” and “up-vote” wherever the information provided helps you, this can be beneficial to other community members.

    1 person found this answer helpful.

0 additional answers

Sort by: Most helpful
Most helpful Newest Oldest

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.