question

KirillYunussov-8647 avatar image
0 Votes"
KirillYunussov-8647 asked MaulinShah-6357 commented

How to get updated SSL certificates before Azure automaticatlly changes it?

We use default SSL certificates in Azure, so we do not have to do any maintenance for them. We do not use the paid SSL cert service, nor the custom SSL certs.

A consumer of our webapp in Azure App Services caches the Azure SSL certificate. Whenever Microsoft changes that certificate, their connection stops working.

This has already happened twice - Fall of 2019, Fall of 2020. Both times we got zero notification of the change from Microsoft, which resulted in a service disruption.

How can we get an advanced notification of these default certs changing? Would like the date of the change and the cert files.

Salesforce.com, for example, has a "group" where they post such changes months ahead, and provide a zip file with the new certs. Can Microsoft do something like that?

azure-webapps-ssl-certificates
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

1 Answer

SnehaAgrawal-MSFT avatar image
0 Votes"
SnehaAgrawal-MSFT answered MaulinShah-6357 commented

Thanks for asking question! Just to confirm if you are referring to the default wildcard certificate for *.azurewebsites.net, that isn’t a certificate that you can or should rely on for any kind of stability. The service can (and has multiple times) changed the certificate at will for any number of reasons.

For need of certificate stability, as well as access to artifacts like public cer files, do need to purchase their own certificate.

(Please note that doesn’t need to be purchased from us – any valid certificate from a public certificate provider will work).

Hope this helps, If you have further query or issue remains let us know.

· 1
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

I think you better to use Azure static web app which automatically handles the SSL certificate. Also having support of Github or other devops pipline available for CI-CD configuration.

0 Votes 0 ·