Share via

unable to delete public key certificates from appservice through powershell,cli and restapi.pipeline is getting successful but still certificate is not being deleted.

maniteja muggulla 0 Reputation points
2024-12-25T06:38:43.6366667+00:00

Hi team , I am unable to delete public key certificates from appservice linux through powershell,cli and restapi.pipeline is getting successful but still certificate is not being deleted. Please let me command to delete that one.. I have used (azure webapp config ssl commands) and (RemoveAz-WebAppCertificate) commands and also DELETE from rest API... nothing worked

Azure App Service
Azure App Service
Azure App Service is a service used to create and deploy scalable, mission-critical web apps.
8,155 questions
0 comments

2 answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. Divyesh Govaerdhanan 485 Reputation points
    2024-12-26T18:16:15.3933333+00:00

    Hello,

    Welcome to Microsoft Q&A,

    Step 1: Check for Resource Locks

    Locked resources prevent modifications or deletions.

    • List locks 
        Get-AzResourceLock -ResourceGroupName "<ResourceGroupName>"
    • If a lock exists, remove it: 
        Remove-AzResourceLock -LockId "<LockId>"

    Step 2: Identify Dependencies

    Bindings, custom domains, or other configurations may reference public key certificates.

    • List all SSL bindings for the app: 
        az webapp config ssl list --resource-group <ResourceGroupName> --name <AppName>
    • If the certificate is bound to a hostname, remove the binding: 
        az webapp config hostname delete --resource-group <ResourceGroupName> --webapp-name <AppName> --hostname <Hostname>

    Step 3: Force Certificate Deletion

    If the certificate is not bound or locks are removed, but it still cannot be deleted, force deletion might be necessary.

    az webapp config ssl delete --certificate-thumbprint <Thumbprint> --resource-group <ResourceGroupName>

    Please Upvote and accept the answer if it helps.

    AI-assisted (Chat-GPT) creation and manually validated.

    0 comments
  2. Laxman Reddy Revuri 1,525 Reputation points Microsoft Vendor
    2024-12-27T00:22:25.0133333+00:00

    Hi @maniteja muggulla
    Thanks for the question and using MS Q&A platform.
    Remove SSL Binding:
    Execute the command to remove any SSL bindings associated with the certificate: 

    Remove-AzWebAppSSLBinding -ResourceGroupName "YourResourceGroup" -WebAppName "YourWebApp" -Name "YourDomainName"

    https://zcusa.951200.xyz/en-us/powershell/module/az.websites/remove-azwebappsslbinding?view=azps-13.0.0&viewFallbackFrom=azps-6.5.0#syntax
    Delete Certificate:
    After removing the binding, attempt to delete the certificate again using:

    Remove-AzWebAppCertificate -ResourceGroupName "YourResourceGroup" -Name "YourCertificateName"

    az lock delete:
    https://zcusa.951200.xyz/en-us/cli/azure/lock?view=azure-cli-latest#az-lock-delete

    Please accept as "Yes" if the answer provided is useful , so that you can help others in the community looking for remediation for similar issues.

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.