I am trying to renew the certificate on my azure web app. Uploaded it successfully, now I have 2 certificates available in the SSL section of the portal.
But when I am trying to create a new binding for the same domain using the new certificate - the add binding button is disabled:
What I am doing wrong?
Following renew cert steps:
- Upload the new certificate.
- Bind the new certificate to the custom domain you want without deleting the old one. This action replaces the binding instead of removing the old one.
- Delete the old certificate.
It seems that you do not need to remove the binding, you could try to bind a certificate to a Web App with PowerShell. https://docs.microsoft.com/en-us/powershell/module/az.websites/new-azwebappsslbinding?view=azps-2.0.0
New-AzWebAppSSLBinding -ResourceGroupName "ContosoResourceGroup" -WebAppName "ContosoWebApp" -Thumbprint "E3A38EBA60CAA1C162785A2E1C44A15AD450199C3" -Name "www.contoso.com"
By the way, if you use app service certificate, you can turn on automatic renewal of your certificate at any time. https://docs.microsoft.com/en-us/azure/app-service/web-sites-purchase-ssl-web-site#renew-certificate
For me the answer was "those pesky custom domains!". To expand on it - we have a custom domain assigned to the application. And to renew the SSL binding I had to:
1) go to "Custom domains" section, delete the existing custom domain assigned to the app;
2) add new custom domain with the same details as previous one;
3) configure it and add ssl binding.
A bit annoying that you cannot do it from the SSL settings section, that there are no guidelines on why the button is disabled, that you have to delete something and potentially cause downtime.
Whelp... Not going to say that my solution was the correct one or the best one.
