RJN , Apologies for the delayed response.
Based on my understanding of your issue description, App Service Managed Certificate (ASMC) failed to generate due to an expired pending certificate. Typically, this can happen if the certificate validation process takes too long and the pending certificate expires before the validation is complete.
App Service certificate vs App Service managed certificate (ASMC) - The free certificate comes with the following limitations:#create-a-free-managed-certificate
The free certificates are issued by DigiCert. For some domains, you must explicitly allow DigiCert as a certificate issuer by creating a CAA domain record with the value: 0 issue digicert.com
.
If you haven't done already already, you may always leverage App Service diagnostics from Azure Portal> Navigate to your App Service app in the Azure Portal.
In the left navigation, click on Diagnose and solve problems
- Run – “Configuration and Management” and “SSL and Domains” to fetch more info.
Also, try the following steps:
- Delete the failed certificate from the Azure portal.
- Wait for a few minutes to ensure that the certificate is fully deleted.
- Request a new certificate by following the steps to add a custom domain to your Azure App Service.
- Wait for the certificate to be generated.
If the issue persists, you may also check the DNS records to ensure that they are correctly configured and that the domain is pointing to the correct IP address.
If the answer helped (pointed, you in the right direction) > please click Accept Answer to benefit the community find answers quickly to similar question_._