Posted: 18/11/2022
Azure Static Web App Invalid SSL Certificate
Today i find out, my website was not working.
I had an invalid SSL certificate, it timed out 4 days ago.
Side note - I should set up a Github action to check this and warn me if it is offline.
Checking the SSL cert showed me it had run out.
Now a static web app in Azure has the ability to have custom domains with free SSL certificates.
This has worked perfectly for months, and I have not changed anything - so why has it run out.
I found in Azure, that this was showing against my custom domain:
As a quick fix, removing the custom domain and addding it again solved my problem, but that will only work for another 6 months.
My DNS provider is CloudFlare, and I use a CNAME record within that to allow the custom domain to work.
So in cloudflare I turned everything off, and the problem still persists.
Which made me think to check the random url that Azure creates, and lo and behold, that works.
That website has a valid SSL cert!
So it is something wrong with my custom domain.
A bit of search on t'internet, I came across these posts on github:
https://github.com/Azure/static-web-apps/issues/923
https://github.com/Azure/static-web-apps/issues/888#issuecomment-1320162612
This made me reconsider have I set it up correctly at Azure.
At the top of the custom domain blade in Azure it gives documentation on how to configure the custom domain with your DNS host:
which then lead me to here:
https://learn.microsoft.com/en-us/azure/static-web-apps/apex-domain-external
Oh, I have not setup an Apex domain registration at Cloudflare.
Adding in the "root domain" e.g. "markoliver.website" and now Azure has verified my custom domain.
Thanks also to @Stacy_Cash & @nthony_chu on Twitter for trying to help out:
The SSL cert on my Azure Static Web App has expired. Anyone else seeing this?
— Mark Oliver 💙 (@MicbOliver) November 18, 2022
It is managed by Azure so confused.@Stacy_Cash @nthonyChu any ideas?
Fingers crossed in 6 months I am not back here reading my own article 😃
What did I learn (again) - RTFM - READ THE **** MANUALS
Thanks for reading this post.
If you want to reach out, catch me on Twitter!
I am always open to mentoring people, so get in touch.