Navigating to mysite.com fails, www.mysite.com works in Azure Web App

Sam Wheat 501 Reputation points
2020-09-07T20:08:56.537+00:00

I have two domains that point to the same website. When I look at the website in Azure portal / TLS/SSL settings I see four bindings:
primarydomain.com
www.primarydomain.com
altdomain.com
www.altdomain.com

There are two thumbprints (physical SSL cert files), one for each domain.

In custom domains I see see four assigned custom domains all four are marked secure:
primarydomain.com
www.primarydomain.com
altdomain.com
www.altdomain.com

The DNS configuration for primarydomain and altdomain have the same records, save some CNAME records I created for authentication for an email provider I use.

Desired behavor is that navigating to any of the four urls above will direct the user to https://primarydomain.com.

Actual behavior is when I navigate to primarydomain.com, www.primarydomain.com, or www.altdomain.com everything works.

However when I attempt to navigate to altdomain.com I get this error:

Attackers might be trying to steal your information from altdomain.com (for example, passwords, messages, or credit cards). Learn more
NET::ERR_CERT_COMMON_NAME_INVALID
This server could not prove that it is altdomain.com; its security certificate is from *.azurewebsites.net. This may be caused by a misconfiguration or an attacker intercepting your connection.

There is a button that allows me to proceed and when I do I am directed to my site however https is not allowed. This error occurs in Chrome, Edge, and Brave.

Result of nslookup on altdomain.com:
Server: dsldevice6.attlocal.net
Address: 2600:1700:c020:65b0::1

Non-authoritative answer:
Name: altdomain.com
Address: IP Address of altdomain.com


Result of nslookup on www.altdomain.com:
Server: dsldevice6.attlocal.net
Address: 2600:1700:c020:65b0::1

Non-authoritative answer:
Name: waws-prod-dm1-019.cloudapp.net
Address: IP Address of primarydomain.com
Aliases: www.altdomain.com
primarydomainapp.azurewebsites.net
waws-prod-dm1-229.vip.azurewebsites.windows.net

What do I need to do to fix this?

Thank you

Azure DNS
Azure DNS
An Azure service that enables hosting Domain Name System (DNS) domains in Azure.
776 questions
Azure App Service
Azure App Service
Azure App Service is a service used to create and deploy scalable, mission-critical web apps.
8,960 questions
{count} votes

Accepted answer
  1. krish-gh 2,331 Reputation points Moderator
    2020-09-09T16:11:45.883+00:00

    Hello @Sam Wheat , Issues with Custom Domains, SNI and SSL Bindings in Azure Web App can be solved most of times by running the out of the box troubleshooter Web App provides like below which runs an extensive set of tests. In your case, as we discussed over the comments the troubleshooter found the root cause as "<altdomain> in the question was pointing to an incorrect IP Address"

    23437-image.png

    1 person found this answer helpful.

0 additional answers

Sort by: Most helpful

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.