This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(307.2, 32%, 39%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EAH%3C/text%3E%3C/svg%3E)
We created an AAP app with a custom domain a little while ago and applied our wildcard certificate without issue.
We've recently added several other AAP apps and configured them in exactly the same way using the same certificate, however each of these is presenting a *.msappproxy.net certificate when you visit the custom domain name, causing browsers to report it as insecure with a NET::ERR_CERT_COMMON_NAME_INVALID error.
I see someone else experienced the same issue here and someone from MS fixed it for them: https://learn.microsoft.com/en-us/answers/questions/170336/azure-ad-application-proxy-ssl-certificate-for-cus.html - Could somebody take a look please?
Many thanks,
Andy
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(115.19999999999999, 70%, 21%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EDA%3C/text%3E%3C/svg%3E)
I am also having the same issue
@Andy Harris we are having this issue too - Following
Hello @Andy Harris ,
The issue has been resolved after re-upload the SSL certificate. Therefore, sharing it here which may be useful to other members of the community reading this topic.
-----
Please "Accept the answer" if the information helped you. This will help us and others in the community as well.
Hello @Andy Harris ,
Thanks for reaching out and apologies for any inconvenience caused my above issue.
I have checked with our engineering team, and we don't see any indications of a similar outage on the Azure AD App Proxy side. Therefore, would request you to open a support ticket as this would need deeper investigation to identity cause for the issue. If you don't have support plan then please send an email with the subject line “Attn: SivaKumarS” to AzCommunity[at]Microsoft[dot]com referencing this thread and your subscription id so that we will help you get a one-time free technical support. Hope this helps.
-----
Please "Accept the answer" if the information helped you. This will help us and others in the community as well.
Hi @sikumars-msft, many thanks for your response.
I've sent you an email as requested, however I see that @Dom A has also reported the same issue, which suggests the issue isn't exclusive to our tenant.
If you could progress as soon as possible it would be very much appreciated.
Many thanks,
Andy
As mentioned by @sikumars-msft, it appears there is currently an issue when re-using an existing SSL certificate for new apps, in that the certificate doesn't get applied is it should.
The current workaround is to re-upload the SSL certificate for each app you're seeing a certificate issue with.