question

pancakesandcode avatar image
0 Votes"
pancakesandcode asked ·

"Create App Service Managed Certificate" is broken

"Create App Service Managed Certificate" is broken in Azure Web App for Linux (Plan B1). When I create a certificate Azure returns a message "Successfully created App Service Managed Certificate for #######.com" however no cert shows up in the Private Key Certificates list. I repeated the processes with the same result. I also logged out and in, repeated the certificate generation process and still no certificate appears.

azure-webapps
10 |1000 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

ajkuma-MSFT avatar image
0 Votes"
ajkuma-MSFT answered ·

Welcome to Microsoft Q&A! Thanks for posting this question.

I just tested/repro'd creating a Managed Certificate and was able to create it fine. Could you please let us know on which region have you hosted your app?
alt text



· Share
10 |1000 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

pancakesandcode avatar image
0 Votes"
pancakesandcode answered ·

Hi, East US. There was a greater issue going on with a previous Orphan certificate. You can reproduce the issue by creating a Azure Web App (Windows) and corresponding certificate and binding. Then delete the Web App (without deleting the certificate first). Then create an Azure Web App (Linux) with the same name and domain as the Windows Web App. Then try to recreate the certificate. It will return a certificate creation success message but not create the cert.

The full story and solution: I had an Azure Web App (Windows) and deleted it to create an Azure Web App (Linux) with the same name. I created a "App Service Managed Certificate" with the Azure Web App (Linux) however the certificate will not show up in the certificate list. I can see the previous certificate in Azure Resource Explorer, however the Actions (POST,DELETE) tab is greyed out preventing me from deleting the certificate. I am the admin on the account and I clicked the "read/write" button. I followed these steps to delete the previous cert which finally permitted me to create a new cert.

Follow these steps exactly. There is a similar path in the tree that looks the same but will not let you delete the certificate there even though you can view it.

  1. Navigate to Subscriptions >> resourceGroups >> YourResourceGroup >> Provider >> Microsoft.Web >> Certificates

  2. Navigate to the certificate that is the same thumbprint.

  3. Make sure you are in the Read/Write mode (toggle it at the top of the screen)

  4. Click on the Action/Delete

  5. Click on the Delete button to delete the certificate


    resource explorer >> subscriptions >> >> resourceGroups >> >> providers >> Microsoft.Web >> Certificates >> (read/write mode) delete the certificate







· 2 · Share
10 |1000 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

Thanks for the neat and detailed update! I understand the frustration with this issue, apologies for any inconvenience caused. I was not able to repro at this time, but I will keep a watch on this & bring this up internally.

Thanks again for bringing this to our attention and posting the solution that worked for you. It would surely benefit the users facing a similar issue.

0 Votes 0 · ·

I had the same issue, but I could not find 'Providers' under my resource group. However, I was able to see and delete the certificates once I had selected the resource group and checked the 'Show hidden types' checkbox. Then the certificates were in the list and I could select each and delete.

alt text


0 Votes 0 · ·
app-certificate.png (21.3 KiB)