How to get notified when a App Service Certificate is about to expire

K. Janssens 1 Reputation point
2022-06-28T21:12:32.583+00:00

Dear,

Today we had an unpleasant surprise and discovered that one of our certificates was expired, but we were not notified in advance...
What do we have to do to get a timely notification so that we can act upon?

In the action list of this particular certificate we see that an order was created a month ago, and some other "unknown" action, which were probably meant to be the notifications?

215869-image.png

Azure App Service
Azure App Service
Azure App Service is a service used to create and deploy scalable, mission-critical web apps.
6,876 questions
0 comments

1 answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. Grmacjon-MSFT 15,856 Reputation points
    2022-06-29T22:33:08.78+00:00

    Hi @K. Janssens ,

    We apologize for the inconvenience of your cert expiring. Here are three options to help with cert expirations:

    1.Add Certificate Contact using Key Vault: To get notified about certificate, you would need to add certificate contact. Certificate contacts contain contact information to send notifications triggered by certificate lifetime events. The contacts information is shared by all the certificates in the key vault. A notification is sent to all the specified contacts for an event for any certificate in the key vault. First, add a certificate contact to your key vault. You can add using the Azure portal or the PowerShell cmdlet Add-AzKeyVaultCertificateContact. Follow the steps in this azure tutorial for more details.

    216351-keyvault-cert.png

    2.**Use Azure Monitor **: You can follow the steps in this blog post which shows you how to create an alert for SSL certificate expiration using Azure Monitor.

    3.Use Auto Renewal: You can set up auto renewal by toggling the automatic renewal setting of your App Service certificate at any time, select the certificate in the App Service Certificates page, then click Auto Renew Settings in the left navigation. Select On or Off and click Save. Certificates can start automatically renewing 32 days before expiration if you have automatic renewal turned on. For more infomation please visit this Azure documentation.

    216361-cert-auto-renew.png

    Hope that helps. Please let us know if you have further questions

    Thanks,
    Grace

    ------------------------------------------------------------------------------------------------------------------------------

    If the reply is helpful, please Upvote and Accept as answer--

    0 comments