question

JenTrinanes-2619 avatar image
0 Votes"
JenTrinanes-2619 asked ajkuma-MSFT commented

Let's Encrypt operation returned an invalid status code 'Conflict'

We're trying to renew SSL certificate using Azure Let's Encrypt extension. The extension is in latest version 1.0.6. We have no problems using this extension before until we can't renew the SSL certificate anymore.

The error below is generated when trying to renew:

Server Error in '/letsencrypt' Application.
Operation returned an invalid status code 'Conflict'
Description: An unhandled exception occurred during the execution of the current web request. Please review the stack trace for more information about the error and where it originated in the code.

Exception Details: Microsoft.Azure.Management.WebSites.Models.DefaultErrorResponseException: Operation returned an invalid status code 'Conflict'

Source Error:
An unhandled exception was generated during the execution of the current web request. Information regarding the origin and location of the exception can be identified using the exception stack trace below.

Stack Trace:
[DefaultErrorResponseException: Operation returned an invalid status code 'Conflict']
Microsoft.Azure.Management.WebSites.<BeginCreateOrUpdateWithHttpMessagesAsync>d_338.MoveNext() +3059
System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task) +102
System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) +64
Microsoft.Azure.Management.WebSites.<BeginCreateOrUpdateAsync>d
667.MoveNext() +260
System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task) +102
System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) +64
Microsoft.Azure.Management.WebSites.WebAppsOperationsExtensions.BeginCreateOrUpdate(IWebAppsOperations operations, String resourceGroupName, String name, Site siteEnvelope) +52
LetsEncrypt.Azure.Core.SiteSlotExtensions.BeginCreateOrUpdateSiteOrSlot(IWebAppsOperations sites, String resourceGroupName, String webAppName, String siteSlotName, Site s) in D:\a\1\s\LetsEncrypt.SiteExtension.Core\SiteSlotExtensions.cs:104
LetsEncrypt.Azure.Core.Services.<Install>d
3.MoveNext() in D:\a\1\s\LetsEncrypt.SiteExtension.Core\Services\WebAppCertificateService.cs:79
System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task) +102
System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) +64
LetsEncrypt.Azure.Core.<RequestAndInstallInternalAsync>d
15.MoveNext() in D:\a\1\s\LetsEncrypt.SiteExtension.Core\CertificateManager.cs:234
System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task) +102
System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) +64
LetsEncrypt.SiteExtension.Controllers.<Install>d
7.MoveNext() in D:\a\1\s\LetsEncrypt-SiteExtension\Controllers\HomeController.cs:271
System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task) +102
System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) +64
System.Web.Mvc.Async.TaskAsyncActionDescriptor.EndExecute(IAsyncResult asyncResult) +97
System.Web.Mvc.Async.<>c
DisplayClass8_0.<BeginInvokeAsynchronousActionMethod>b1(IAsyncResult asyncResult) +17
System.Web.Mvc.Async.WrappedAsyncResult`1.CallEndDelegate(IAsyncResult asyncResult) +10
System.Web.Mvc.Async.WrappedAsyncResultBase`1.End() +49
System.Web.Mvc.Async.AsyncControllerActionInvoker.EndInvokeActionMethod(IAsyncResult asyncResult) +32
System.Web.Mvc.Async.<>c
DisplayClass11_0.<InvokeActionMethodFilterAsynchronouslyRecursive>b0() +58
System.Web.Mvc.Async.<>c
DisplayClass11_2.<InvokeActionMethodFilterAsynchronouslyRecursive>b2() +228
System.Web.Mvc.Async.<>c
DisplayClass7_0.<BeginInvokeActionMethodWithFilters>b1(IAsyncResult asyncResult) +10
System.Web.Mvc.Async.WrappedAsyncResult`1.CallEndDelegate(IAsyncResult asyncResult) +10
System.Web.Mvc.Async.WrappedAsyncResultBase`1.End() +49
System.Web.Mvc.Async.AsyncControllerActionInvoker.EndInvokeActionMethodWithFilters(IAsyncResult asyncResult) +34
System.Web.Mvc.Async.<>c
DisplayClass3_6.<BeginInvokeAction>b4() +35
System.Web.Mvc.Async.<>c
DisplayClass3_1.<BeginInvokeAction>b1(IAsyncResult asyncResult) +100
System.Web.Mvc.Async.WrappedAsyncResult`1.CallEndDelegate(IAsyncResult asyncResult) +10
System.Web.Mvc.Async.WrappedAsyncResultBase`1.End() +49
System.Web.Mvc.Async.AsyncControllerActionInvoker.EndInvokeAction(IAsyncResult asyncResult) +27
System.Web.Mvc.<>c.<BeginExecuteCore>b
152_1(IAsyncResult asyncResult, ExecuteCoreState innerState) +11
System.Web.Mvc.Async.WrappedAsyncVoid`1.CallEndDelegate(IAsyncResult asyncResult) +29
System.Web.Mvc.Async.WrappedAsyncResultBase`1.End() +49
System.Web.Mvc.Controller.EndExecuteCore(IAsyncResult asyncResult) +45
System.Web.Mvc.<>c.<BeginExecute>b
151_2(IAsyncResult asyncResult, Controller controller) +13
System.Web.Mvc.Async.WrappedAsyncVoid`1.CallEndDelegate(IAsyncResult asyncResult) +22
System.Web.Mvc.Async.WrappedAsyncResultBase`1.End() +49
System.Web.Mvc.Controller.EndExecute(IAsyncResult asyncResult) +26
System.Web.Mvc.Controller.System.Web.Mvc.Async.IAsyncController.EndExecute(IAsyncResult asyncResult) +10
System.Web.Mvc.<>c.<BeginProcessRequest>b
_20_1(IAsyncResult asyncResult, ProcessRequestState innerState) +28
System.Web.Mvc.Async.WrappedAsyncVoid`1.CallEndDelegate(IAsyncResult asyncResult) +29
System.Web.Mvc.Async.WrappedAsyncResultBase`1.End() +49
System.Web.Mvc.MvcHandler.EndProcessRequest(IAsyncResult asyncResult) +28
System.Web.Mvc.MvcHandler.System.Web.IHttpAsyncHandler.EndProcessRequest(IAsyncResult result) +9
System.Web.CallHandlerExecutionStep.InvokeEndHandler(IAsyncResult ar) +152
System.Web.CallHandlerExecutionStep.OnAsyncHandlerCompletion(IAsyncResult ar) +126

Version Information: Microsoft .NET Framework Version:4.0.30319; ASP.NET Version:4.8.4261.0

azure-webapps-ssl-certificatesazure-webapps-security
· 2
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

@JenTrinanes-2619, Firstly, apologies for the delay in responding here.

Could you please confirm if you're referring to the steps outlined in this blog or some other doc for Azure Function service?

Review ruleset in a web.config and check of https is enforced in the App Service Settings. Also, check the status from the Azure Portal.

If it’s related to ‘Deployment Slots’, Public certificates (swapped), whereas ‘Non-public certificates and TLS/SSL settings’ aren’t swapped.

The SSL certificate in SSL Binding should match the selected custom domain in each slot.
dev.customdoaminname.com [dev]
qa.customdoaminname.com [qa]
*.customdoaminname.com [production slot]

There are a few known issues, please review the blog.

0 Votes 0 ·

JenTrinanes-2619, Kindly let us know how it goes, I'll follow-up with you further.

0 Votes 0 ·

1 Answer

JenTrinanes-2619 avatar image
0 Votes"
JenTrinanes-2619 answered ajkuma-MSFT commented

Turns out it wasn't the Let's Encrypt extension. The custom domains are not bound to SSL certificates so I simply bind them and it works.

· 1
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

@JenTrinanes-2619, Glad to know that the issue is resolved. Thanks for sharing the solution that worked for you with the community, it would benefit the users with a similar question.

Yes, you may find information on binding the certificate in these docs:

Secure a custom DNS name with a TLS/SSL binding in Azure App Service

Add a TLS/SSL certificate in Azure App Service


To benefit the community find the right answers, please do mark the post which was helpful by clicking on ‘Accept Answer’ & ‘Up-Vote’.

0 Votes 0 ·