Hello @Dan Puzey ,
This is a known issue and the ASMC team is working on deploying a fix. In the meantime, can you please try this Powershell script:
#Connect-AzureRmAccount
$subscription = "SUBSCRIPTION-ID"
$resourceGroupName = "RESOURCE-GROUP-NAME"
$appServicePlanName = "APP-SERVICE-PLAN-NAME"
$subjectName = "DOMAIN-NAME"
Set-AzureRmContext -SubscriptionId $subscription
$appServicePlan = Get-AzureRmResource `
| Where-Object {$_.ResourceGroupName -eq $resourceGroupName } `
| Where-Object {$_.Name -eq $appServicePlanName}
New-AzureRMResourceGroupDeployment `
-ResourceGroupName $resourceGroupName `
-SubjectName $subjectName `
-AppServicePlanName $appServicePlanName `
-Location $appServicePlan.Location `
-TemplateFile "CreateHttpFreeCert.json"
This script will only create an App Service Managed Certificate for a custom domain that has already been added to your web app. If you run this script before adding a custom domain to the web app, the script will fail.
Hope that helps.
-Grace