App Service Certificate Orders - Create Or Update
Description for Create or update a certificate purchase order.
PUT https://management.azure.com/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.CertificateRegistration/certificateOrders/{certificateOrderName}?api-version=2023-12-01
URI Parameters
Name | In | Required | Type | Description |
---|---|---|---|---|
certificate
|
path | True |
string |
Name of the certificate order. |
resource
|
path | True |
string |
Name of the resource group to which the resource belongs. Regex pattern: |
subscription
|
path | True |
string |
Your Azure subscription ID. This is a GUID-formatted string (e.g. 00000000-0000-0000-0000-000000000000). |
api-version
|
query | True |
string |
API Version |
Request Body
Name | Required | Type | Description |
---|---|---|---|
location | True |
string |
Resource Location. |
properties.productType | True |
Certificate product type. |
|
kind |
string |
Kind of resource. |
|
properties.autoRenew |
boolean |
|
|
properties.certificates |
<string,
App |
State of the Key Vault secret. |
|
properties.csr |
string |
Last CSR that was created for this order. |
|
properties.distinguishedName |
string |
Certificate distinguished name. |
|
properties.keySize |
integer |
Certificate key size. |
|
properties.validityInYears |
integer |
Duration in years (must be 1). |
|
tags |
object |
Resource tags. |
Responses
Name | Type | Description |
---|---|---|
200 OK |
App Service Certificate Order is created. |
|
201 Created |
App Service Certificate Order creation operation is in progress |
|
Other Status Codes |
App Service error response. |
Security
azure_auth
Azure Active Directory OAuth2 Flow
Type:
oauth2
Flow:
implicit
Authorization URL:
https://login.microsoftonline.com/common/oauth2/authorize
Scopes
Name | Description |
---|---|
user_impersonation | impersonate your user account |
Examples
Create Certificate order
Sample Request
PUT https://management.azure.com/subscriptions/34adfa4f-cedf-4dc0-ba29-b6d1a69ab345/resourceGroups/testrg123/providers/Microsoft.CertificateRegistration/certificateOrders/SampleCertificateOrderName?api-version=2023-12-01
{
"location": "Global",
"properties": {
"certificates": {
"SampleCertName1": {
"keyVaultId": "/subscriptions/34adfa4f-cedf-4dc0-ba29-b6d1a69ab345/resourcegroups/testrg123/providers/microsoft.keyvault/vaults/SamplevaultName",
"keyVaultSecretName": "SampleSecretName1"
},
"SampleCertName2": {
"keyVaultId": "/subscriptions/34adfa4f-cedf-4dc0-ba29-b6d1a69ab345/resourcegroups/testrg123/providers/microsoft.keyvault/vaults/SamplevaultName",
"keyVaultSecretName": "SampleSecretName2"
}
},
"distinguishedName": "CN=SampleCustomDomain.com",
"validityInYears": 2,
"keySize": 2048,
"productType": "StandardDomainValidatedSsl",
"autoRenew": true
}
}
Sample Response
{
"id": "/subscriptions/34adfa4f-cedf-4dc0-ba29-b6d1a69ab345/resourceGroups/testrg123/providers/Microsoft.CertificateRegistration/certificateOrders/SampleCertificateOrderName",
"name": "SampleCertificateOrderName",
"type": "Microsoft.CertificateRegistration/certificateOrders",
"location": "Global",
"properties": {
"certificates": {
"SampleCertName1": {
"keyVaultId": "/subscriptions/34adfa4f-cedf-4dc0-ba29-b6d1a69ab345/resourcegroups/testrg123/providers/microsoft.keyvault/vaults/SamplevaultName",
"keyVaultSecretName": "SampleSecretName1",
"provisioningState": "Succeeded"
},
"SampleCertName2": {
"keyVaultId": "/subscriptions/34adfa4f-cedf-4dc0-ba29-b6d1a69ab345/resourcegroups/testrg123/providers/microsoft.keyvault/vaults/SamplevaultName",
"keyVaultSecretName": "SampleSecretName2",
"provisioningState": "KeyVaultSecretDoesNotExist"
}
},
"distinguishedName": "CN=SampleCustomDomain.com",
"domainVerificationToken": "awe4163Br6d32r",
"validityInYears": 2,
"keySize": 2048,
"productType": "StandardDomainValidatedSsl",
"autoRenew": true,
"provisioningState": "Succeeded",
"status": "Issued",
"signedCertificate": {
"version": 1232490,
"serialNumber": "sds12424k",
"thumbprint": "FE703D7411A44163B6D32B3AD9B03E175886EBFE",
"subject": "CN=CertSubjectName",
"issuer": "CACert",
"signatureAlgorithm": "SHA",
"notAfter": "2022-11-12T23:40:25+00:00",
"notBefore": "2021-11-12T23:40:25+00:00"
},
"csr": "xdf!x|",
"intermediate": {
"version": 5589220,
"serialNumber": "k45kad0024",
"thumbprint": "RF3D7411A44163B6D32B3343559B03E175886EBFE",
"subject": "CN=IntermediateCertSubjectName",
"issuer": "CACert",
"signatureAlgorithm": "SHA",
"notAfter": "2023-11-12T23:40:25+00:00",
"notBefore": "2021-05-12T23:40:25+00:00"
},
"root": {
"version": 3430921,
"serialNumber": "jkskd890ajdd00124",
"thumbprint": "ZD3D7411A44163B6D32B3343559B03E175886EBFE",
"subject": "CN=RootCertSubjectName",
"issuer": "CACert",
"signatureAlgorithm": "SHA",
"notAfter": "2023-11-12T23:40:25+00:00",
"notBefore": "2021-05-12T23:40:25+00:00"
},
"serialNumber": "12324325325",
"lastCertificateIssuanceTime": "2021-11-12T23:40:25+00:00",
"expirationTime": "2022-11-12T23:40:25+00:00",
"isPrivateKeyExternal": false,
"appServiceCertificateNotRenewableReasons": [
"ExpirationNotInRenewalTimeRange"
],
"nextAutoRenewalTimeStamp": "2022-11-12T23:40:25+00:00",
"contact": {
"email": "contact@email.com",
"nameFirst": "SampleFirstName",
"nameLast": "SampleLastName",
"phone": "1-224-550-332"
}
}
}
{
"id": "/subscriptions/34adfa4f-cedf-4dc0-ba29-b6d1a69ab345/resourceGroups/testrg123/providers/Microsoft.CertificateRegistration/certificateOrders/SampleCertificateOrderName",
"name": "SampleCertificateOrderName",
"type": "Microsoft.CertificateRegistration/certificateOrders",
"location": "Global",
"properties": {
"certificates": {
"SampleCertName1": {
"keyVaultId": "/subscriptions/34adfa4f-cedf-4dc0-ba29-b6d1a69ab345/resourcegroups/testrg123/providers/microsoft.keyvault/vaults/SamplevaultName",
"keyVaultSecretName": "SampleSecretName1",
"provisioningState": "Succeeded"
},
"SampleCertName2": {
"keyVaultId": "/subscriptions/34adfa4f-cedf-4dc0-ba29-b6d1a69ab345/resourcegroups/testrg123/providers/microsoft.keyvault/vaults/SamplevaultName",
"keyVaultSecretName": "SampleSecretName2",
"provisioningState": "KeyVaultSecretDoesNotExist"
}
},
"distinguishedName": "CN=SampleCustomDomain.com",
"domainVerificationToken": "awe4163Br6d32r",
"validityInYears": 2,
"keySize": 2048,
"productType": "StandardDomainValidatedSsl",
"autoRenew": true,
"provisioningState": "InProgress",
"status": "Issued",
"signedCertificate": {
"version": 1232490,
"serialNumber": "sds12424k",
"thumbprint": "FE703D7411A44163B6D32B3AD9B03E175886EBFE",
"subject": "CN=CertSubjectName",
"issuer": "CACert",
"signatureAlgorithm": "SHA",
"notAfter": "2022-11-12T23:40:25+00:00",
"notBefore": "2021-11-12T23:40:25+00:00"
},
"csr": "xdf!x|",
"intermediate": {
"version": 5589220,
"serialNumber": "k45kad0024",
"thumbprint": "RF3D7411A44163B6D32B3343559B03E175886EBFE",
"subject": "CN=IntermediateCertSubjectName",
"issuer": "CACert",
"signatureAlgorithm": "SHA",
"notAfter": "2023-11-12T23:40:25+00:00",
"notBefore": "2021-05-12T23:40:25+00:00"
},
"root": {
"version": 3430921,
"serialNumber": "jkskd890ajdd00124",
"thumbprint": "ZD3D7411A44163B6D32B3343559B03E175886EBFE",
"subject": "CN=RootCertSubjectName",
"issuer": "CACert",
"signatureAlgorithm": "SHA",
"notAfter": "2023-11-12T23:40:25+00:00",
"notBefore": "2021-05-12T23:40:25+00:00"
},
"serialNumber": "12324325325",
"lastCertificateIssuanceTime": "2021-11-12T23:40:25+00:00",
"expirationTime": "2022-11-12T23:40:25+00:00",
"isPrivateKeyExternal": false,
"appServiceCertificateNotRenewableReasons": [
"ExpirationNotInRenewalTimeRange"
],
"nextAutoRenewalTimeStamp": "2022-11-12T23:40:25+00:00",
"contact": {
"email": "contact@email.com",
"nameFirst": "SampleFirstName",
"nameLast": "SampleLastName",
"phone": "1-224-550-332"
}
}
}
Definitions
Name | Description |
---|---|
App |
Key Vault container for a certificate that is purchased through Azure. |
App |
SSL certificate purchase order. |
Certificate |
SSL certificate details. |
Certificate |
|
Certificate |
Current order status. |
Certificate |
Certificate product type. |
Default |
App Service error response. |
Details | |
Error |
Error model. |
Key |
Status of the Key Vault secret. |
Provisioning |
Status of certificate order. |
Resource |
Reasons why App Service Certificate is not renewable at the current moment. |
AppServiceCertificate
Key Vault container for a certificate that is purchased through Azure.
Name | Type | Description |
---|---|---|
keyVaultId |
string |
Key Vault resource Id. |
keyVaultSecretName |
string |
Key Vault secret name. |
provisioningState |
Status of the Key Vault secret. |
AppServiceCertificateOrder
SSL certificate purchase order.
Name | Type | Default Value | Description |
---|---|---|---|
id |
string |
Resource Id. |
|
kind |
string |
Kind of resource. |
|
location |
string |
Resource Location. |
|
name |
string |
Resource Name. |
|
properties.appServiceCertificateNotRenewableReasons |
Reasons why App Service Certificate is not renewable at the current moment. |
||
properties.autoRenew |
boolean |
True |
|
properties.certificates |
<string,
App |
State of the Key Vault secret. |
|
properties.contact |
Contact info |
||
properties.csr |
string |
Last CSR that was created for this order. |
|
properties.distinguishedName |
string |
Certificate distinguished name. |
|
properties.domainVerificationToken |
string |
Domain verification token. |
|
properties.expirationTime |
string |
Certificate expiration time. |
|
properties.intermediate |
Intermediate certificate. |
||
properties.isPrivateKeyExternal |
boolean |
|
|
properties.keySize |
integer |
2048 |
Certificate key size. |
properties.lastCertificateIssuanceTime |
string |
Certificate last issuance time. |
|
properties.nextAutoRenewalTimeStamp |
string |
Time stamp when the certificate would be auto renewed next |
|
properties.productType |
Certificate product type. |
||
properties.provisioningState |
Status of certificate order. |
||
properties.root |
Root certificate. |
||
properties.serialNumber |
string |
Current serial number of the certificate. |
|
properties.signedCertificate |
Signed certificate. |
||
properties.status |
Current order status. |
||
properties.validityInYears |
integer |
1 |
Duration in years (must be 1). |
tags |
object |
Resource tags. |
|
type |
string |
Resource type. |
CertificateDetails
SSL certificate details.
Name | Type | Description |
---|---|---|
issuer |
string |
Certificate Issuer. |
notAfter |
string |
Date Certificate is valid to. |
notBefore |
string |
Date Certificate is valid from. |
rawData |
string |
Raw certificate data. |
serialNumber |
string |
Certificate Serial Number. |
signatureAlgorithm |
string |
Certificate Signature algorithm. |
subject |
string |
Certificate Subject. |
thumbprint |
string |
Certificate Thumbprint. |
version |
integer |
Certificate Version. |
CertificateOrderContact
Name | Type | Description |
---|---|---|
string |
||
nameFirst |
string |
|
nameLast |
string |
|
phone |
string |
CertificateOrderStatus
Current order status.
Name | Type | Description |
---|---|---|
Canceled |
string |
|
Denied |
string |
|
Expired |
string |
|
Issued |
string |
|
NotSubmitted |
string |
|
PendingRekey |
string |
|
Pendingissuance |
string |
|
Pendingrevocation |
string |
|
Revoked |
string |
|
Unused |
string |
CertificateProductType
Certificate product type.
Name | Type | Description |
---|---|---|
StandardDomainValidatedSsl |
string |
|
StandardDomainValidatedWildCardSsl |
string |
DefaultErrorResponse
App Service error response.
Name | Type | Description |
---|---|---|
error |
Error model. |
Details
Name | Type | Description |
---|---|---|
code |
string |
Standardized string to programmatically identify the error. |
message |
string |
Detailed error description and debugging information. |
target |
string |
Detailed error description and debugging information. |
Error
Error model.
Name | Type | Description |
---|---|---|
code |
string |
Standardized string to programmatically identify the error. |
details |
Details[] |
Detailed errors. |
innererror |
string |
More information to debug error. |
message |
string |
Detailed error description and debugging information. |
target |
string |
Detailed error description and debugging information. |
KeyVaultSecretStatus
Status of the Key Vault secret.
Name | Type | Description |
---|---|---|
AzureServiceUnauthorizedToAccessKeyVault |
string |
|
CertificateOrderFailed |
string |
|
ExternalPrivateKey |
string |
|
Initialized |
string |
|
KeyVaultDoesNotExist |
string |
|
KeyVaultSecretDoesNotExist |
string |
|
OperationNotPermittedOnKeyVault |
string |
|
Succeeded |
string |
|
Unknown |
string |
|
UnknownError |
string |
|
WaitingOnCertificateOrder |
string |
ProvisioningState
Status of certificate order.
Name | Type | Description |
---|---|---|
Canceled |
string |
|
Deleting |
string |
|
Failed |
string |
|
InProgress |
string |
|
Succeeded |
string |
ResourceNotRenewableReason
Reasons why App Service Certificate is not renewable at the current moment.
Name | Type | Description |
---|---|---|
ExpirationNotInRenewalTimeRange |
string |
|
RegistrationStatusNotSupportedForRenewal |
string |
|
SubscriptionNotActive |
string |