Share via

How to bind a Managed Certificate using the Azure SDK?

Jeff Bowman 106 Reputation points
2025-02-15T04:18:40.2533333+00:00

How do we go about binding a Managed Certificate to a Custom Domain using the new ResourceManager SDK?

Unfortunately, the samples don't cover this task. (In fact, they don't compile, with hundreds of broken references, so it's impossible to tell whether they're even accurate.)

And the documentation isn't very helpful, either. There's this guidance, and this, but those appear to be for purchased certificates. Nothing in that namespace mentions a Managed Certificate.

Here's the problem...

I've been able to successfully add a Custom Domain to my Azure App Service, using this code:

Dim tenantId As String = "89C4A752-7028-4F94-BF6D-A5B0AB83A30A"
Dim clientId As String = "AC4E5551-B056-4769-84AD-F7016E289122"
Dim clientSecret As String = "EJY5du3PVx#o2P3b*B^25t@LoVu8LX2Lgo"
Dim resourceGroupName As String = "group"
Dim webAppName As String = "site"
Dim customDomain As String = "example.com"

' Authenticate and get the client
Dim credential = New ClientSecretCredential(tenantId, clientId, clientSecret)
Dim armClient = New ArmClient(credential)

' Get the web app
Dim subscription = armClient.GetDefaultSubscriptionAsync.Result
Dim resourceGroup = subscription.GetResourceGroups.Get(resourceGroupName)
Dim webApp = resourceGroup.Value.GetWebSites.Get(webAppName)

' Set the domain properties
Dim domainProperties = New HostNameBindingData With {
  .CustomHostNameDnsRecordType = CustomHostNameDnsRecordType.A,
  .HostNameType = AppServiceHostNameType.Managed
}

Me.UpdateDns(webApp)

Dim op = webApp.Value.GetSiteHostNameBindings.CreateOrUpdate(Azure.WaitUntil.Completed, customDomain, domainProperties)

That works. The domain is added. But it's not bound to anything.

Adding a binding to a Managed Certificate is another matter entirely. I tried setting the .SslState property, like so:

Dim domainProperties = New HostNameBindingData With {
  .CustomHostNameDnsRecordType = CustomHostNameDnsRecordType.CName,
  .HostNameType = AppServiceHostNameType.Managed,
  .SslState = HostNameBindingSslState.SniEnabled
}

...but that results in an error:

Parameter Thumbprint is null or empty.

There is a .ThumbprintString property on the HostNameBindingData class, but where do we get that value from?

The repo referenced in this answer almost gets there, but it's nine years old and we're on a completely revamped SDK by now. Besides, he's uploading a .PFX, which is something completely different.

How do I create a new Managed Certificate and bind it to my newly added Custom Domain?

Note: either VB.NET or C# will be fine.

Azure App Service
Azure App Service
Azure App Service is a service used to create and deploy scalable, mission-critical web apps.
8,320 questions
0 comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.