Exception of type 'Microsoft.Azure.Cdn.Common.ProviderPluginContracts.ProviderException' was thrown.

Mathias Schübel 21 Reputation points

iam trying to bind a custom domain to a cdn endpoint.
Through the nature of the domain ( root, no subdomain ) i cant use the cdn managed certificate.

So i created a wildcard certificate for the domain, added it to the vault and tried to use it.

On saving, i got the following error: 'Exception of type 'Microsoft.Azure.Cdn.Common.ProviderPluginContracts.ProviderException' was thrown.' no further details.
Anyone got any hints?


Azure Content Delivery Network
0 comments No comments
{count} votes

Accepted answer
  1. ChaitanyaNaykodi-MSFT 17,976 Reputation points Microsoft Employee

    Hello @MathiasSchbel-5194, Welcome to the Microsoft Q&A platform.

    As I understand from the question you are trying to configure HTTPS on your custom domain for Microsoft Azure CDN. You are enabling HTTPS using your own certificate which is present on your Azure key vault. You got error 'Exception of type 'Microsoft.Azure.Cdn.Common.ProviderPluginContracts.ProviderException' was thrown.'

    I went through some issues internally with similar exceptions and there were usually two reasons for this exception.

    1. The TLS certificate created is not a complete certificate chain with leaf and intermediate certificates.
    2. The root CA is not a part of the Microsoft Trusted CA List.

    These requirements are documented here.

    Hope this helps! Please let me know if you have any additional questions. Thank you!


    ​​Please "Accept the answer" if the information helped you. This will help us and others in the community as well.

    0 comments No comments

1 additional answer

Sort by: Most helpful
  1. Mathias Schübel 21 Reputation points

    Thanks for your reply.
    You are, of course, right.

    The second part describes the problem:
    "The root CA is not a part of the Microsoft Trusted CA List."

    Basically letsencrypt is on that list, but i overlooked that i am still generating in the staging environment.
    The switch from https://acme-staging-v02.api.letsencrypt.org/ to https://acme-v02.api.letsencrypt.org/ fixed the problem.

    0 comments No comments