I tried to generate an Azure App Service Managed Certificate for a new Azure App Service that I set up.
When I run the command to generate the Azure App Service Managed Certificate:
az webapp config ssl create --resource-group MyResourceGroup --name MyAppService --hostname www.mywebsite.com
I get the error below:
Bad Request({"Code":"BadRequest","Message":"Pending managed certificate failed: Certificate creation was rejected by CA for canonical name auth.uat.8451.audigent.com: The domain or certificate request triggered a risky domain check. Please contact Azure for assistance for this request. If retrying does not help, please contact support for assistance. Refer to the documentations for more info: https://go.microsoft.com/fwlink/?linkid=2158627."
I have tried twice to re-run the certification generation command, the error still persists.
CodePudding user response:
Here's how I fixed it:
Just take a break of about 1 to 2 minutes and retry the Azure App Service Managed Certificate command:
az webapp config ssl create --resource-group MyResourceGroup --name MyAppService --hostname www.mywebsite.com
It should work fine now.
If it still persists though, then contact Azure support for assistance. Refer to the documentations for more info: https://go.microsoft.com/fwlink/?linkid=2158627."
CodePudding user response:
Glad to know that the issue is resolved. Thanks for the update, @Promise Preston
The App Service Managed certificate is a free certificate is issued by DigiCert. For some domains, you must explicitly allow DigiCert as a certificate issuer by creating a CAA domain record with the value: 0 issue digicert.com.
. I have seen cases where by completing the above the error goes away.
For more details on App Service Managed certificate, please see these docs: Prerequisites and Limitations