Azure App Service
Azure App Service is a service used to create and deploy scalable, mission-critical web apps.
The certificate should be registered for both:
DNS Name=www.example.com
DNS Name=example.com.
How to fix a Certificate Name Mismatch on a managed certificate for an Azure App Service
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(307.2, 76%, 39%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EHH%3C/text%3E%3C/svg%3E)
Heath Hekkers
0
Reputation points
I have an Azure App Service with a custom domain. I have 2 managed certificates, one for www and one for non-www domain. Everything seems to be functioning as it should. However, when running the domain through SSL Labs, it comes back with a Certificate Name Mismatch. How do I fix this? Of note: I have since started testing a MAUI ios app that connects to an API on this domain and am getting a "An SSL error has occurred and a secure connection to the server cannot be made." error. That is what led me to testing the domain on SSL Labs and I suspect that is the issue. The website works fine on browsers and my Android app does not have any issues.
Azure App Service
{count} votes
-
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(147.20000000000002, 55.00000000000001%, 24%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EAK%3C/text%3E%3C/svg%3E)
Ajay Kumar N 28,236 Reputation points Microsoft Employee Moderator2024-01-29T20:15:21.0333333+00:00 @Heath Hekkers , Just checking in to see if you had got a chance to see the previous response. If the answer helped (pointed, you in the right direction) > please click Accept Answer Or please share the requested/more info to help you better.
Sign in to comment
2 answers
Sort by: Most helpful
-
Nguyen Khanh Hoai Nam 0 Reputation points2025-01-10T06:59:43.1633333+00:00 -
Ajay Kumar N 28,236 Reputation points Microsoft Employee Moderator
2024-01-24T14:01:14.6933333+00:00 Heath Hekkers, As I understand you are facing an issue with App Service managed certificate (ASMC), certificate name mismatch (but, the website works fine across different platforms) – Just to highlight, Azure fully manages the certificates on your behalf, so any aspect of the managed certificate, including the root issuer, can change at anytime. These changes are outside your control. Make sure to avoid hard dependencies and "pinning" practice certificates to the managed certificate or any part of the certificate hierarchy.
App Service certificate vs App Service managed certificate (ASMC) - The free certificate comes with the following limitations: See this doc
The free certificates are issued by DigiCert. For some domains, you must explicitly allow DigiCert as a certificate issuer by creating a [CAA domain record] with the value:
0 issue digicert.com.You may always leverage App Service diagnostics from Azure Portal> Navigate to your App Service app in the Azure Portal. (screenshot below)
In the left navigation, click on
Diagnose and solve problems- Run – “Configuration and Management” and “SSL and Domains” to fetch more info.Also, see this doc -An App Service is showing the wrong certificate
Kindly let us know, I'll follow-up with you further.