Unable to create new App Service Certificate due to Azure error

FEAST Soft 0 Reputation points
2024-03-15T11:48:59.6666667+00:00

I am getting an error message when trying to create a new App Service Certificate in Azure. The error messages are provided in the attached images. Can someone help me troubleshoot what might be causing this issue?

azure error 1

azure 2

Azure App Service
Azure App Service
Azure App Service is a service used to create and deploy scalable, mission-critical web apps.
7,773 questions
{count} votes

2 answers

Sort by: Most helpful
  1. Deepanshukatara-6769 9,270 Reputation points
    2024-03-15T12:04:08.9966667+00:00

    Hi ,

    Not enough permissions: Ensure that you have the necessary permissions to create an App Service Certificate or resource group or any resource. You need at least Contributor permissions in the subscription.

    To assign a contributor role in Azure to create resources under a subscription, follow these step-by-step instructions:

    1. Sign in to Azure Portal: Go to the Azure portal (https://portal.azure.com/) and sign in with your Azure account credentials.
    2. Navigate to Subscriptions: On the left-hand side of the Azure portal, click on "Subscriptions". This will display a list of all the subscriptions associated with your account.
    3. Select Subscription: Choose the subscription to which you want to assign the contributor role. Click on the subscription name to open its details.
    4. Access Control (IAM): In the subscription details page, click on "Access control (IAM)" from the menu. This will open the IAM (Identity and Access Management) blade for the subscription.
    5. Add Role Assignment: On the IAM blade, click on the "+ Add" button at the top to add a new role assignment.
    6. Select Role: In the "Add role assignment" pane, select "Contributor" as the role. The contributor role grants permissions to create and manage resources, but not permissions to manage access control.
    7. Assign Access to: In the "Assign access to" section, you can assign the role to a user, group, or service principal. Click on the drop-down menu to select the appropriate option.
    8. Choose User/Group: After selecting the type of principal (user, group, or service principal), search for and select the user or group to whom you want to assign the contributor role. You can either type their name or email address in the search box.
    9. Review and Assign: Review the details of the role assignment to ensure accuracy. Verify the selected role, user/group, and subscription. Click "Save" or "Assign" to create the role assignment.
    10. Verification: Once the role assignment is created, verify that the user or group now has the contributor role within the subscription. They should be able to create and manage resources under that subscription.

    Please check this link for more details

    https://learn.microsoft.com/en-us/azure/role-based-access-control/role-assignments-portal

    Kindly accept answer , if it helps


  2. SnehaAgrawal-MSFT 21,506 Reputation points
    2024-03-27T07:00:01.56+00:00

    @FEAST Soft To elaborate further- If you are unable to create a new App Service Certificate in Azure due to the error message

    You cannot perform this action without all of the following permission- Microsoft/certificate.registration/certificateOrders/Write

    It means that you do not have the necessary permissions to create a new certificate. Here are some steps you can follow to fix this issue:

    1. Check your permissions: Make sure that you have the necessary permissions to create a new certificate. You need the Microsoft/certificate.registration/certificateOrders/Write permission to create a new certificate. If you do not have the necessary permissions, contact the owner or administrator of the Azure subscription to grant you the required permissions.
    2. Check the subscription settings: Make sure that the subscription settings in Azure are configured correctly. If you are using Azure App Service, make sure that the subscription settings are configured correctly.
    3. Try creating the certificate in a different region: Sometimes, creating a certificate in a different region may resolve the issue. Try creating the certificate in a different region to see if the issue is resolved.
    4. As Suggested by Deepanshu You need at least Contributor permissions in the subscription.

    Please let us know if further query or issue remains.

    0 comments No comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.