Static Web App: www subdomain not working with automatic SSL certificate

TC 5 Reputation points

New static web app setup with custom domain, using the automatic certificate Azure generates. works fine. However fails with a certificate error.

Azure DNS seems correct. Tried both A record and CNAME record using "www" subdomain aliased to the Static Web App resource.

Certificate in browser when it works is correctly "" but certificate when it fails looks like its the wildcard one for the automatic Url.

All the documentation seems to indicate only a CNAME entry is needed on Azure DNS for a custom subdomain in this case.

Any thoughts on diagnosing this appreciated.

Azure Static Web Apps
Azure Static Web Apps
An Azure service that provides streamlined full-stack web app development.
544 questions
0 comments No comments
{count} votes

1 answer

Sort by: Most helpful
  1. TC 5 Reputation points

    The problem is the Azure DNS documentation is correct only from a pure DNS perspective: yes, a CNAME entry to alias "www" works in an IP-resolution sense, but no, it requires additional steps to work with HTTPS.

    i.e. the Azure Static Web App documentation doesn't make clear that only domains listed in the custom list will have SSL certificates created for them and just talks about CNAME entries.

    Hence the IP mapping is identifying the correct target but then the TLS on top fails because the original URL ( is not in the SSL certificate of the final target IP (

    So to make work, add the CNAME alias and also add it as a Web App Custom Domain.

    Finally for additional http-only mappings (e.g. a work-around is to add a Classic CDN end point (to a dummy storage account with static web pages enabled), add these domain(s) to it, add the CNAME(s), and then set a Global rule to Url Redirect to

    1 person found this answer helpful.