Why is Azure App Service randomly using *.azurewebsites.net cert instead of custom cert?

Chris Marasti-Georg 101 Reputation points
2020-09-01T20:20:48.62+00:00

Our App Service occasionally ends up serving the default *.azurewebsites.net certificate for our custom domain, instead of the certificate for our domain. There doesn't seem to be any rhyme or reason. In almost all cases, it serves the correct one, but occasionally it will serve the default one. We have a custom domain, and SNI binding set up. The Troubleshooter will generally say there are no problems, but will sometimes show the incorrect certificate for one or both of the bare domain, and the www subdomain. I have even seen it serve a page request and all related resources with the correct certificate, except for one css file in the midst of all the other requests on the same domain being served with the wrong certificate and subsequently blocked by the browser.

Any ideas where to begin?

Azure App Service
Azure App Service
Azure App Service is a service used to create and deploy scalable, mission-critical web apps.
7,756 questions
{count} votes

Accepted answer
  1. Chris Marasti-Georg 101 Reputation points
    2020-09-04T19:32:32.36+00:00

    Deleting and re-creating the SSL/domain bindings resolved the issue. It seems there was some sort of synchronization issue in the underlying Azure infrastructure.

    1 person found this answer helpful.

1 additional answer

Sort by: Most helpful
  1. Kenji Prahyudi 5 Reputation points
    2023-04-25T14:39:35.8266667+00:00

    I found the workaround, turns out when I switched the method, from "A record" to "forward to www", it works as expected. I use this method: https://learn.microsoft.com/en-us/azure/static-web-apps/apex-domain-external#forward-to-www-subdomain

    0 comments No comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.