25,081 questions
This should be fixed in the next hour. Sorry for the any inconvenience and thank you for your patience
Azure AD Application Proxy SSL Certificate for custom domain
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(230.39999999999998, 11%, 32%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EDL%3C/text%3E%3C/svg%3E)
Daniel Lnenicka
6
Reputation points
I'm setting up what is now our 3rd Azure AD App Proxy, and having an issue with the SSL certificate that I didn't have the first two times. It was already set to use the same certificate, being the same custom domain... but instead has been presenting clients with the *.msappproxy.net certificate, instead of the uploaded one.
So, I've uploaded it again to the app proxy, I've switched to a different cert and back... and still nothing.
But now where I'm at, I have some clients receiving the cert I switched to (which was a cert issued from an internal CA), and some receiving the *.msappproxy.net cert. But none are receiving the publicly issued wildcard cert, that is still working fine on the first 2 app proxies I made.
So... did Microsoft change something on their back end? Is there a bug going on right now with SSL certs and Azure AD App Proxies? Does anyone know anything else to try?
Microsoft Security Microsoft Entra Microsoft Entra ID
{count} votes
-
James Hamil 27,211 Reputation points Microsoft Employee Moderator2020-11-21T00:08:17.967+00:00 Hi, I'm going to escalate this and I will get back to you shortly with an update!
Best,
James -
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(115.19999999999999, 70%, 21%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EDA%3C/text%3E%3C/svg%3E)
Dom A 1 Reputation point2022-02-07T18:27:43.707+00:00 Hey I am having this exact same issue with any azure app proxy that im setting up
Sign in to comment
2 answers
Sort by: Most helpful
-
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(153.6, 78%, 24%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EAC%3C/text%3E%3C/svg%3E)
Avi Carmon 1 Reputation point2020-11-21T07:22:27.847+00:00 -
JamesTran-MSFT 36,906 Reputation points Microsoft Employee Moderator2020-11-26T00:09:39.32+00:00 @Daniel Lnenicka
I just wanted to check in and see if you had any other questions or if you were able to resolve this issue?----------
Please remember to "Accept Answer" if any answer/reply helped, so that others in the community facing similar issues can easily find the solution.
-
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(147.20000000000002, 91%, 24%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EPK%3C/text%3E%3C/svg%3E)
Petr Kutalek 1 Reputation point2022-03-24T12:36:16.82+00:00 Hello,
we have open a ticket for the completely same issue for two days. What was the root cause please and how this can be resolved?
Sign in to comment -
-
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(268.8, 4%, 36%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EDV%3C/text%3E%3C/svg%3E)
Řádek Vít 0 Reputation points2024-01-23T17:01:07.9766667+00:00 Years later, the system still has problems.
I've discovered the process for fixing the configuration.
I have configured Enterprise application for specific URL including proper certificate.
Page access started operating as intended.I have removed specific configuration (changed to another URL).
The page is still functional; perhaps it is utilizing a wildcard configuration.-
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(307.2, 91%, 39%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EEB%3C/text%3E%3C/svg%3E)
Elia Bruno 0 Reputation points2024-02-05T11:29:51.0166667+00:00 Hey, i have the same issue. What was the workaround? I changed the URL, reuploaded the SSL certificates, deleted the app, etc. but i'm still getting the *.msappproxy.net certificate. Did you something else? And do you know, if there is a statement from Microsoft, why this does not work? Thx
Sign in to comment -