The following forum(s) are migrating to a new home on Microsoft Q&A (Preview): Azure App Service - Web Apps!

Ask new questions on Microsoft Q&A (Preview).
Interact with existing posts until December 13, 2019, after which content will be closed to all new and existing posts.

Learn More

Sporadic wrong certificate being served RRS feed

  • Question

  • Hi guys,

    We're currently having an issue with SSL on our Azure Website. We imported an existing certificate from our old web server using the portal, and assigned it to the correct domain using IP based SSL.

    99% (guesstimate) of the time this works correctly, however every so often the website will serve up the * certificate instead.

    Is there something wrong with Azure websites or am I missing something?

    ~~ Graham

    Thursday, September 19, 2013 2:30 PM


All replies

  • Hi Graham. Can you let me know the name of the site that has this problem?

    Thursday, September 19, 2013 5:22 PM
  • Certainly, it's though the root redirects to another site. will allow you to remain on the site.


    ~~ Graham

    Thursday, September 19, 2013 7:16 PM
  • Hi Graham,

    Looks like A record for points to the default IP addres of Azure Web Sites ( However after you've enabled IP Based SSL your site was assigned a dedicated IP address, which you can find in the portal dashboard. The IP address is In order for IP SSL to work you will need to change the A record for this host name to point to this dedicated IP address.

    You can find more information here:

    • Marked as answer by Graham Wager Thursday, September 19, 2013 9:34 PM
    Thursday, September 19, 2013 8:59 PM
  • Thank you! Looks like that was the issue. Guess I haven't been the first to be caught out by this!

    ~~ Graham

    Thursday, September 19, 2013 9:36 PM
  • Right, that's why the blog article was written :). Actually if your hostname was a CNAME to <yoursitename> then you would not need to do any IP address remappings and IP SSL would have worked as soon as it was enabled. But since hostname was mapped as A record to an IP address directly it had to be remapped.

    Thursday, September 19, 2013 10:08 PM
  • I did consider leaving it as a CNAME but text within the Azure portal when adding a domain seemed to push towards using the A record - perhaps this is something that should be clarified there.

    For example, the hint text next to the "[wrong] IP address to use when you configure A records" says "The IP address that you must use to configure an A record for your custom domain name" and CNAME records seem to only be suggested for verification.

    Anyway, all sorted now so thanks again! :)

    ~~ Graham

    Friday, September 20, 2013 8:53 AM