App Service Managed Certificates for apex domains

Dan Puzey 21 Reputation points
2021-04-20T15:53:28.463+00:00

I have a webapp that is connected to by a number of domains, each secured with App Service Managed Certificates. I've previously created certs for two apex domains on this app, based on A records in DNS, but today I am getting the message that I need an active CNAME record to do this.

Is this regression intentional? What's the supported behaviour expected to be here?

EDIT: I've got a few domains to set up/migrate in the same way, and I just tried another, and it's worked... so the issue is specific to one apex domain. I'd be happy to share more details privately if that's useful - perhaps it's a misleading error message and there's something else wrong with the DNS?

Azure App Service
Azure App Service
Azure App Service is a service used to create and deploy scalable, mission-critical web apps.
8,968 questions
0 comments No comments
{count} votes

Accepted answer
  1. Grmacjon-MSFT 19,301 Reputation points Moderator
    2021-04-20T20:39:31.58+00:00

    Hello @Dan Puzey ,

    This is a known issue and the ASMC team is working on deploying a fix. In the meantime, can you please try this Powershell script:

    #Connect-AzureRmAccount  
      
    $subscription = "SUBSCRIPTION-ID"  
    $resourceGroupName = "RESOURCE-GROUP-NAME"  
    $appServicePlanName = "APP-SERVICE-PLAN-NAME"  
    $subjectName = "DOMAIN-NAME"  
      
    Set-AzureRmContext -SubscriptionId $subscription  
      
    $appServicePlan = Get-AzureRmResource `  
        | Where-Object {$_.ResourceGroupName -eq $resourceGroupName } `  
        | Where-Object {$_.Name -eq $appServicePlanName}  
      
    New-AzureRMResourceGroupDeployment `  
        -ResourceGroupName $resourceGroupName `  
        -SubjectName $subjectName `  
        -AppServicePlanName $appServicePlanName `  
        -Location $appServicePlan.Location `  
        -TemplateFile "CreateHttpFreeCert.json"   
    

    This script will only create an App Service Managed Certificate for a custom domain that has already been added to your web app. If you run this script before adding a custom domain to the web app, the script will fail.

    Hope that helps.

    -Grace


0 additional answers

Sort by: Most helpful

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.