C# Azure Management REST API - Add App Managed Certificate

David Warwick 121 Reputation points
2022-01-21T05:15:41.307+00:00

I am using the Azure Management REST API to create a custom domain for my Azure APP Service. This works great, but I need to add an App Managed Certificate using the management API. I followed the advice of this example: https://learn.microsoft.com/en-us/answers/questions/491924/creating-app-service-managed-certificates-via-api.html, but the response I am getting is Bad Request. Please see the code below. 

static string _ClientId = Startup.StaticConfig.GetValue<string>("Azure:ClientId");  
static string _ClientKey = Startup.StaticConfig.GetValue<string>("Azure:ClientSecret");  
static string _TenantId = Startup.StaticConfig.GetValue<string>("Azure:TenantId");  
static string _SubscriptionId = Startup.StaticConfig.GetValue<string>("Azure:SubscriptionId");  
static string _ResourceGroupName = Startup.StaticConfig.GetValue<string>("Azure:ResourceGroupName");  
static string _AppName = Startup.StaticConfig.GetValue<string>("Azure:AppName");  
static string _AppServicePlanName = Startup.StaticConfig.GetValue<string>("Azure:AppServicePlanName");  
  
public static string ResourceGroupName { get => _ResourceGroupName; set => _ResourceGroupName = value; }  
  
public static async Task<HttpStatusCode> AddHostNameFromForumResponse(string sHostName)  
{  
    var appId = _ClientId;  
    var secretKey = _ClientKey;  
    var tenantId = _TenantId;  
    var context = new AuthenticationContext("https://login.windows.net/" + tenantId);  
    ClientCredential clientCredential = new ClientCredential(appId, secretKey);  
    var tokenResponse = context.AcquireTokenAsync("https://management.azure.com/", clientCredential).Result;  
    var accessToken = tokenResponse.AccessToken;  
    using (var client = new HttpClient())  
    {  
        client.DefaultRequestHeaders.Add("Authorization", "Bearer " + accessToken);  
        var baseUrl = new Uri($"https://management.azure.com/");  
        var requestURl = baseUrl + $"subscriptions/{_SubscriptionId}/resourceGroups/{_ResourceGroupName}/providers/Microsoft.Web/sites/{_AppName}/hostNameBindings/{sHostName}?api-version=2016-08-01";  
        string body = $"{{\"properties\": {{\"azureResourceName\": \"{_AppName}\"}}}}";  
        var stringContent = new StringContent(body, Encoding.UTF8, "application/json");  
        var response = await client.PutAsync(requestURl, stringContent);  
  
        if(((long)response.StatusCode == 200)) // Trying to create the app managed certificate here  
        {  
            requestURl = baseUrl + $"subscriptions/{_SubscriptionId}/resourceGroups/{_ResourceGroupName}/providers/Microsoft.Web/certificates/{sHostName}?api-version=2019-08-01";  
            var serverFarm = $"/subscriptions/{_SubscriptionId}/resourceGroups/{_ResourceGroupName}/providers/Microsoft.Web/serverfarms/{_AppServicePlanName}";  
            body = $"{{\"properties\": {{\"canonicalName\": \"{sHostName}\", \"hostNames\": [\"{sHostName}\"], \"serverFarmId\": \"{serverFarm}\"}}}}";  
            stringContent = new StringContent(body, Encoding.UTF8, "application/json");  
            response = await client.PutAsync(requestURl, stringContent);  
        }  
  
        return response.StatusCode;  
    }  
  
}  
  
requestURI = https://management.azure.com/subscriptions/xxx-xxx-xxx-4c7e01d9a379/resourceGroups/MyResourceGroupName/providers/Microsoft.Web/certificates/contoso.com?api-version=2019-08-01

serverFarm = /subscriptions/xxx-xxx-xxx-4c7e01d9a379/resourceGroups/MyResourceGroupName/providers/Microsoft.Web/serverfarms/ResourceGroup-80c2

body = {"properties": {"canonicalName": "contoso.com", "hostNames": ["contoso.com"], "serverFarmId": "/subscriptions/xxx-xxx-xxx-4c7e01d9a379/resourceGroups/MyResourceGroupName/providers/Microsoft.Web/serverfarms/ResourceGroup-80c2"}}

I'm not positive that my serverFarmId is formatted correctly because https://learn.microsoft.com/en-us/rest/api/appservice/certificates/create-or-update says it should be formatted as:

Properties.ServerFarmId - Resource ID of the associated App Service plan, formatted as: "/subscriptions/{subscriptionID}/resourceGroups/{groupName}/providers/Microsoft.Web/serverfarms/{appServicePlanName}"

And my app service plan name is

167107-image.png

I tried adding it with the (B1:1) as well, but it didn't work either.

Anyone have any ideas about why I am getting a bad request?

Thanks.

Azure App Service
Azure App Service
Azure App Service is a service used to create and deploy scalable, mission-critical web apps.
6,874 questions
0 comments

1 answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. David Warwick 121 Reputation points
    2022-01-22T18:46:17.27+00:00

    I have now figured out a complete solution. Please see the accepted answer at https://stackoverflow.com/questions/70815827/c-sharp-azure-management-rest-api-bind-certificate-to-app-service-custom-domai/70824691?noredirect=1#comment125207561_70824691

    And also see the complete code solution in the edit of my original question at the same link.

    0 comments