Azure-docs: SSL certificate auto renewal does not automatically change the binding!

@lordstyx Thanks for the feedback! I have assigned the issue to the content author to investigate further and update the document as appropriate.

@cephalin This has been common feedback about rotating the certs being a two step process but step two isn't really highlighted in the documentation. Can you please look into this and update as necessary?

@BryanTrach-MSFT thanks for the swift follow-up. The github integration of your docs is really cool.

One thing I'd like to add: next to pointing out this caveat in the documentation, it would be a huge plus if the rotation of the certificates could happen automatically as well. The documentation gave me the impression that this would happen, and is the main reason I chose to use web-apps for my new application(s).

Now I have to find a way to rotate the certificates automatically. I'm not sure if it even can be done with powershell scripting, and if it could, I'd have to set up an automation account with a runbook, where I first have to generate a custom certificate for the authorization, as that's only valid for 1 year either... Quite a hassle.

@apurvajo @naziml Please see customer feedback on cert feature.

@lordstyx Take a look at https://docs.microsoft.com/en-us/powershell/module/azurerm.websites/new-azurermwebappsslbinding for scripting the binding with PowerShell.

Glad I'm seeing this thread now. I'm on the verge of renewing a wildcard cert and thought this would make it a lot more automatic. If I have to still go in and perform a manual step, I might as well just upload a new one each time instead.....

Maybe an Automation job could trigger that powershell command when the cert changes? I suppose I could create a job that would check the thumbprint every day, and then if it's new, apply it to any/all webapps that I tell it to.

@cephalin What is the state of this PR, do we have the information we need to update the doc? If so, can you share it with me so I can address this issue?

@MicrosoftDocs/azure-cxp-triage Can you assign me to this issue as well?

I, too, was just bit by this … I assumed that when the certificate was renewed it would automatically update the binding. This process really should be updated to that effect … if that's not possible, the documentation needs to clearly state that a manual re-binding of the certificate is necessary.

@sirtwist @lordstyx I've added an update to the doc that clarifies the need to manually bind. Thanks for your feedback! #please-close

I got same issue. i had to remove SSL binding and delete certificate from website then rebind the updated ssl binding to website manually. :( hope this will be fixed soon.

+1 for auto rebinding on all web apps when cert is auto-renewed.

Please feel free to submit your product feedback at https://feedback.azure.com/.

honestly - its sort of crazy that the rebinding isnt automatic. I do not have this problem in other cloud providers.

@benjamin-goldman It does now automatically rebinds your renewed cert within 48 hours. The documentation already reflects that.

Somehow I was logged in as Anonymous - please dont sent the cops to my home.

Vote for this if you want this feature added.

https://feedback.azure.com/forums/34192--general-feedback/suggestions/37330822-azure-app-service-certificate-renewal-should-autom

@benjamin-goldman Please see my reply before yours. It's already part of our feature.

or maybe this was fixed? I just tested it and I got mixed results. It looks like it auto updated, but a couple of the interfaces showed me lies.

@cephalin thanks. We just tested and it works.