CDN Custom Domain HTTPS not finding DNS record RRS feed

  • Question

  • When attempting to enable Custom Domain HTTPS on an Apex record, one particular domain will not work. Azure can not find the cdnverify.<domainhere>.com record to allow the certificate request to be created.

    This has worked on other domains on the same CDN endpoint with the Apex record.

    Upon trying to enable it, I get the following error: "We couldn't find a DNS record for custom domain that points to endpoint. To map a domain to this endpoint, create a CNAME record with your DNS provider for custom domain that points to endpoint."/

    Sunday, July 14, 2019 10:57 PM

All replies

  • Hi, 

    We are not supporting apex domains via the CDN managed route for any provider.

    You can check this thread for detailed explanation: https://social.msdn.microsoft.com/Forums/en-US/34d85cca-a003-4a71-aede-f3326929d180/unable-to-verify-a-custom-domain-for-https?forum=azurecdn



    Monday, July 15, 2019 4:57 AM
  • Hi Msrini,

    Sorry, can't accept that. I have another apex domain that is configured, verified, HTTPS enabled with a certificate successfully deployed via the same CDN endpoint.

    If it works for one domain (repeatedly, across multiple CDN's as I've gone through iterative testing), it should work for all. This is a pretty critical piece of functionality for us and I imagine others.

    155 votes on UserVoice for something that shouldn't be hard to do. The Azure portal already adds the verification records to DNS when you do this. It is something that should effectively work reliably.

    Monday, July 15, 2019 10:17 PM
  • Hi, 

    When you use apex domain for CDN, you can enable HTTPS with two options. 

    1. Azure managed Certificate

    2. Use your own Certificate

    You cannot use the option 1 for apex domain for now as we found a issue. You can use the option 2 for configuring HTTPS for Apex domain. 

    For the other domain did you configured your apex domain with Azure managed certificate?



    Tuesday, July 16, 2019 4:26 AM
  • Hi Msrini,

    Yes, for the other apex domain it is with an Azure managed certificate.


    Tuesday, July 16, 2019 4:39 AM
  • Can you provide me any info on when you added the apex with Azure CDN with azure CDN managed certificate?

    Approximate time would help. Also, this is only the limitation with Apex domain. 



    Tuesday, July 16, 2019 4:49 AM
  • Hello,

    The timestamp on the write of the apex domain that did end up working was Tue Jul 09 2019 08:21:24 GMT+0930.

    The timestamp on the write of the apex domain that does not work was Mon Jul 15 2019 07:50:58 GMT+0930 .

    Tuesday, July 16, 2019 5:02 AM
  • Can you drop an email to azcommunity@microsoft.com with your subscription ID?

    I will take a closer look and currently HTTPS for Azure managed certificate is not possible. It is a known issue and we are working on it to get it fixed. For the other domain, I am not really sure how it worked, so I will look into it and check with Product team and provide you an update. 



    Tuesday, July 16, 2019 5:35 AM
  • I've sent that through. Thank you for having a look into this, I'm sure you can appreciate my position.
    Tuesday, July 16, 2019 5:59 AM