Share via

How to make app service plan managed certificated for subject alternative names in azure?

Heeyoung Eom (엄희영) 146 Reputation points
2021-11-24T17:19:30.58+00:00

If you don't support the subject alternative names yet, How can I grant certificates to each of the domains?

Can you tell me an example that reflects multiple certificates? Below is my example code. 

resource "azurerm_app_service_custom_hostname_binding" "service_host_bind" {
     
     for_each                     =  azurerm_dns_cname_record.cname_target
      
     hostname                  = trim(each.value.fqdn, ".")
      
     app_service_name     = azurerm_app_service._service.name
      
     resource_group_name = azurerm_resource_group._rg.name
      
     depends_on          = [azurerm_dns_txt_record._txt_target]

     lifecycle {
        ignore_changes = [ssl_state, thumbprint]
      }    }

resource "azurerm_app_service_managed_certificate" "_service_manage_cert" {
  
     for_each                    = azurerm_app_service_custom_hostname_binding._service_host_bind
  
     custom_hostname_binding_id  = each.value.id     
}

resource "azurerm_app_service_certificate_binding" "xtrm_service_certi_bind" {
  
     hostname_binding_id = azurerm_app_service_custom_hostname_binding._service_host_bind.id
  // ## how to for_each??
     certificate_id               = azurerm_app_service_managed_certificate._service_manage_cert.id
        // ## how to for_each??
     ssl_state           = "SniEnabled"       
}

What should I do?
Hostname_binding_id and can we satisfy two certificate_ids?

Is it the right direction to issue each certificate?

I checked the document below and I know that not support yet.

https://stackoverflow.com/questions/64865555/manage-subject-alternative-name-for-app-service-certificate

Currently, we have prepared several domains for redirect, and we tried to grant certificates for each.
For example, when there is an endpoint domain (www.azure.com), domains for redirect: auz-ure.com, auz-ure.com, az-ops.shop, etc.
(azure-redirect.net -> www.azure.com
auz-ure.com -> www.azure.com
az-ops.shop -> www.azure.com)

For the terraform code, I referred to the document.

https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/app_service_managed_certificate

Azure App Service
Azure App Service
Azure App Service is a service used to create and deploy scalable, mission-critical web apps.
8,965 questions

1 answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. ajkuma 28,036 Reputation points Microsoft Employee Moderator
    2021-12-06T19:42:04.58+00:00

    How do you create a service plan free certified and use it in the application gateway?

    Apologies for the delay! Following-up to confirm on this-

    HeeyoungEom-0524, App Service Managed Certificate (ASMC) only lives within App Service, so currently adding ASMC to the App Gateway resource is not possible.

    I have relayed the feedback to our product engineering team.

    Also, if you wish you may share your feedback on our Uservoice - All of the feedback you share in these forums will be monitored and reviewed by the Microsoft engineering teams responsible for building Azure. Users with a similar request, can up-vote you post and add their comment.

    1 person found this answer helpful.
    0 comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.