locked
Certificate changes of *.azurewebsites.net RRS feed

  • Question

  • I have an app service with the url my-app-service.azurewebsite.net.

    One outside application makes requests to this service. I provided this outside application with the public rsa key of my-app-service.azurewebsite.net. When this app makes a request to my service it first checks if the public key is still the same. 

    The certificate of my-app-service.azurewebsite.net is valid until  24 September 2021. I did not expect it to change, however it did. Last week the outside application stopped making requests to our service because the pubic key changed. 

    How often can I expect the certificate to change? And is there an option to make it a fixed certificate?


    Monday, October 21, 2019 8:39 AM

Answers

  • The certificates are rotated as needed by Microsoft. they do not provide a time when and if they will change.

    That being said, to ensure this doesn't happen again, you should get your own SSL certificate. Few Authorities out there provide free certificates :)


    Rahber
    @Rahber

    • Marked as answer by KeesL Tuesday, October 22, 2019 3:37 PM
    Monday, October 21, 2019 1:57 PM

All replies

  • The certificates are rotated as needed by Microsoft. they do not provide a time when and if they will change.

    That being said, to ensure this doesn't happen again, you should get your own SSL certificate. Few Authorities out there provide free certificates :)


    Rahber
    @Rahber

    • Marked as answer by KeesL Tuesday, October 22, 2019 3:37 PM
    Monday, October 21, 2019 1:57 PM
  • Thanks for asking question!

    As mentioned by Rahber, we do not provide a public statement on how often the certificate is rotated. Also, the best practice would be to use a custom domain and SSL cert for any production workloads. Azure offers custom domains and SSL certs (app service certificates) for a great price. We also support 3rd party certs as well.

    Additionally, refer the document Tutorial: Bind an existing custom SSL certificate to Azure Web Apps. You may also refer to this blog Certificate Management in Azure: Do’s and Don’ts –checkout the section ‘Credential Lifecycle’ in the blog for recommended rotation period.


    Monday, October 21, 2019 3:09 PM