azuresslssl-certificateazure-appservicecustom-domain

Azure App Service Certificate - Failure to Auto-Renew


App Service Certificate is failing to auto-renew. When I go into Azure Portal to check on the certificate renewal, it is failing during Step 2 (verification, pictured below).

enter image description here

I do not understand why this needs to validate again. When I go to re-validate, it says that Azure can send an email for verification. However, when I enter my email address I get an "Email failed to send" error (also in picture).


Solution

  • That's because, All App Service certificates issued prior to March 31st 2017 will receive an email to re-verify their domain at the time of renewal even if the auto-renewal is enabled for your certificate. This is a result of change in GoDaddy policy. Please check your email and complete this one-time domain verification to continue to auto-renew the SSL certificate.

    Also, Note: GoDaddy does require you to verify your domain once every three years and you will receive a email once every three years to verify your domain.

    To answer the later part of your question, the email address you give on portal for receiving a link to validate the domain should be the one that's associated while purchasing the certificate.

    Hence, In order to resolve the issue please retry requesting domain validation link by giving associated email address or you would have to cancel the order and purchase a new App Service Certificate as mentioned in the error message in your screenshot.

    In addition, our product group is currently working to add these details readily available so you know the reason for cert renewal failure and which email to use for domain verification etc.