3

I have a Let's Encrypt certificate uploaded to an Azure Key Vault and connected to a web app setup according to the instructions at https://azure.microsoft.com/en-us/blog/internals-of-app-service-certificate/

web app sync settings

In the article it says certificates are synced automatically:

ASC RP has a periodic job that syncs linked certificates with the corresponding ASC every few hours. So even if you don’t click on Sync, this job would eventually migrate your Apps to the new certificate in a few hours.

But I have now updated the certificate in the key vault and a few days later the web app is still using the previous certificate.

Will it only sync when the previous certificate expires? I have trouble finding any documentation about the automatic syncing functionality.

JoBe
  • 33
  • 6

1 Answers1

3

An automatically or manually renewed certificate is bound to your app automatically within 48 hours. To bind the new certificate to your app manually, go to SSL settings > Private certificates (.pfx). Click on the certificate that you just renewed and select Sync.

Please refer - https://learn.microsoft.com/en-us/azure/app-service/web-sites-purchase-ssl-web-site

DashleenBhandari-MSFT
  • 631
  • 3
  • 4
  • Thank you for the link. I could not find a reference to how frequently it was supposed sync. Other than "a few hours" as it says in the link above. It did indeed sync after slightly more than 48h had passed. – JoBe Mar 11 '19 at 08:12
  • The document (https://learn.microsoft.com/en-us/azure/app-service/web-sites-purchase-ssl-web-site) was updated to the appropriate time (48 hours) recently. It says 'If you don't click Sync, App Service automatically syncs your certificate within 48 hours.' – DashleenBhandari-MSFT Mar 11 '19 at 13:08
  • Here is a blog post on how to create and associate a certificate to an Azu;re app service using certbot and let's encrypt: https://go.azurecraftsman.com/K47Cs2, you can go to the binding part and see how to bind your new certificate to the web app. – Mselmi Ali Aug 16 '22 at 06:07