Microsoft.Web certificates 2021-03-01
Bicep resource definition
The certificates resource type can be deployed with operations that target:
- Resource groups - See resource group deployment commands
For a list of changed properties in each API version, see change log.
Resource format
To create a Microsoft.Web/certificates resource, add the following Bicep to your template.
resource symbolicname 'Microsoft.Web/certificates@2021-03-01' = {
name: 'string'
location: 'string'
tags: {
tagName1: 'tagValue1'
tagName2: 'tagValue2'
}
kind: 'string'
properties: {
canonicalName: 'string'
domainValidationMethod: 'string'
hostNames: [
'string'
]
keyVaultId: 'string'
keyVaultSecretName: 'string'
password: 'string'
pfxBlob: any()
serverFarmId: 'string'
}
}
Property values
certificates
| Name | Description | Value |
|---|---|---|
| name | The resource name | string (required) Character limit: 1-260 Valid characters: Can't use: / Can't end with space or period. |
| location | Resource Location. | string (required) |
| tags | Resource tags. | Dictionary of tag names and values. See Tags in templates |
| kind | Kind of resource. | string |
| properties | Certificate resource specific properties | CertificateProperties |
CertificateProperties
| Name | Description | Value |
|---|---|---|
| canonicalName | CNAME of the certificate to be issued via free certificate | string |
| domainValidationMethod | Method of domain validation for free cert | string |
| hostNames | Host names the certificate applies to. | string[] |
| keyVaultId | Key Vault Csm resource Id. | string |
| keyVaultSecretName | Key Vault secret name. | string |
| password | Certificate password. | string |
| pfxBlob | Pfx blob. | For Bicep, you can use the any() function. |
| serverFarmId | Resource ID of the associated App Service plan, formatted as: "/subscriptions/{subscriptionID}/resourceGroups/{groupName}/providers/Microsoft.Web/serverfarms/{appServicePlanName}". | string |
Quickstart templates
The following quickstart templates deploy this resource type.
| Template | Description |
|---|---|
Create and assign a standard App Service Certificate |
Creates a standard App Service Certificate, verifies it using an App service App and creates SSL bindings once the certificate is ready |
| Create and assign a wildcard App Service Certificate |
Creates a wildcard App Service Certificate, verifies it using an App service Domain and creates SSL bindings on an App Service App once the certificate is ready |
| Create a App Services Managed Certificate |
Create Managed Certificate (Free) APEX (root domain) for WebApp |
| SSL certificate for an ILB ASE or an ILB ASE v2 |
Configures the default SSL certificate for an ILB ASE or an ILB ASE v2 |
| Web App integration with Key Vault |
Deploy a Web App certificate from Key Vault secret and use it for creating SSL binding |
| Web App with a custom domain and optional SSL binding |
Create a web app and with a custom domain and optionally add SSL certificate for https encryption. |
ARM template resource definition
The certificates resource type can be deployed with operations that target:
- Resource groups - See resource group deployment commands
For a list of changed properties in each API version, see change log.
Resource format
To create a Microsoft.Web/certificates resource, add the following JSON to your template.
{
"type": "Microsoft.Web/certificates",
"apiVersion": "2021-03-01",
"name": "string",
"location": "string",
"tags": {
"tagName1": "tagValue1",
"tagName2": "tagValue2"
},
"kind": "string",
"properties": {
"canonicalName": "string",
"domainValidationMethod": "string",
"hostNames": [ "string" ],
"keyVaultId": "string",
"keyVaultSecretName": "string",
"password": "string",
"pfxBlob": {},
"serverFarmId": "string"
}
}
Property values
certificates
| Name | Description | Value |
|---|---|---|
| type | The resource type | 'Microsoft.Web/certificates' |
| apiVersion | The resource api version | '2021-03-01' |
| name | The resource name | string (required) Character limit: 1-260 Valid characters: Can't use: / Can't end with space or period. |
| location | Resource Location. | string (required) |
| tags | Resource tags. | Dictionary of tag names and values. See Tags in templates |
| kind | Kind of resource. | string |
| properties | Certificate resource specific properties | CertificateProperties |
CertificateProperties
| Name | Description | Value |
|---|---|---|
| canonicalName | CNAME of the certificate to be issued via free certificate | string |
| domainValidationMethod | Method of domain validation for free cert | string |
| hostNames | Host names the certificate applies to. | string[] |
| keyVaultId | Key Vault Csm resource Id. | string |
| keyVaultSecretName | Key Vault secret name. | string |
| password | Certificate password. | string |
| pfxBlob | Pfx blob. | |
| serverFarmId | Resource ID of the associated App Service plan, formatted as: "/subscriptions/{subscriptionID}/resourceGroups/{groupName}/providers/Microsoft.Web/serverfarms/{appServicePlanName}". | string |
Quickstart templates
The following quickstart templates deploy this resource type.
| Template | Description |
|---|---|
| Create and assign a standard App Service Certificate |
Creates a standard App Service Certificate, verifies it using an App service App and creates SSL bindings once the certificate is ready |
| Create and assign a wildcard App Service Certificate |
Creates a wildcard App Service Certificate, verifies it using an App service Domain and creates SSL bindings on an App Service App once the certificate is ready |
| Create a App Services Managed Certificate |
Create Managed Certificate (Free) APEX (root domain) for WebApp |
| SSL certificate for an ILB ASE or an ILB ASE v2 |
Configures the default SSL certificate for an ILB ASE or an ILB ASE v2 |
| Web App integration with Key Vault |
Deploy a Web App certificate from Key Vault secret and use it for creating SSL binding |
| Web App with a custom domain and optional SSL binding |
Create a web app and with a custom domain and optionally add SSL certificate for https encryption. |
Terraform (AzAPI provider) resource definition
The certificates resource type can be deployed with operations that target:
- Resource groups
For a list of changed properties in each API version, see change log.
Resource format
To create a Microsoft.Web/certificates resource, add the following Terraform to your template.
resource "azapi_resource" "symbolicname" {
type = "Microsoft.Web/certificates@2021-03-01"
name = "string"
location = "string"
parent_id = "string"
tags = {
tagName1 = "tagValue1"
tagName2 = "tagValue2"
}
body = jsonencode({
properties = {
canonicalName = "string"
domainValidationMethod = "string"
hostNames = [
"string"
]
keyVaultId = "string"
keyVaultSecretName = "string"
password = "string"
serverFarmId = "string"
}
kind = "string"
})
}
Property values
certificates
| Name | Description | Value |
|---|---|---|
| type | The resource type | "Microsoft.Web/certificates@2021-03-01" |
| name | The resource name | string (required) Character limit: 1-260 Valid characters: Can't use: / Can't end with space or period. |
| location | Resource Location. | string (required) |
| parent_id | To deploy to a resource group, use the ID of that resource group. | string (required) |
| tags | Resource tags. | Dictionary of tag names and values. |
| kind | Kind of resource. | string |
| properties | Certificate resource specific properties | CertificateProperties |
CertificateProperties
| Name | Description | Value |
|---|---|---|
| canonicalName | CNAME of the certificate to be issued via free certificate | string |
| domainValidationMethod | Method of domain validation for free cert | string |
| hostNames | Host names the certificate applies to. | string[] |
| keyVaultId | Key Vault Csm resource Id. | string |
| keyVaultSecretName | Key Vault secret name. | string |
| password | Certificate password. | string |
| pfxBlob | Pfx blob. | |
| serverFarmId | Resource ID of the associated App Service plan, formatted as: "/subscriptions/{subscriptionID}/resourceGroups/{groupName}/providers/Microsoft.Web/serverfarms/{appServicePlanName}". | string |
Feedback
Coming soon: Throughout 2024 we will be phasing out GitHub Issues as the feedback mechanism for content and replacing it with a new feedback system. For more information see: https://aka.ms/ContentUserFeedback.
Submit and view feedback for