bulky-oil-97030
06/20/2023, 9:41 AMexport const cert = new web20220901.Certificate(`ti-cert-${stage}`,
{
canonicalName: hostName,
hostNames: [hostName],
name: `${hostName}-${appName}`,
resourceGroupName: resourceGroupName,
serverFarmId: servicePlan.id,
domainValidationMethod: "http-token"
}, { dependsOn: [webApp] }
);
export const publicBinding = new web20220901.WebAppHostNameBinding(hostName, {
hostName: hostName,
hostNameType: web.HostNameType.Verified,
name: appName,
resourceGroupName: resourceGroupName,
siteName: appName,
sslState: web.SslState.SniEnabled,
thumbprint: cert.thumbprint
}, {
dependsOn: [webApp , cert]});
As you can see, we need the cert thumbprint in the binding, which is why we're building the cert beforehand.
However, the cert needs the hostname to be validated via the Web App Custom Domain resource, which is not available via pulumi as is.
The pulumi up fails with:
error: autorest/azure: Service returned an error. Status=400 Code="BadRequest" Message="Properties.CanonicalName is invalid.
Certificate creation requires hostname app-dev-provisioned.<domain> added to an App Service in the serverFarm
/subscriptions/<subscription>/resourceGroups/<resource_group>/providers/Microsoft.Web/serverfarms/<app_service_plan>."
Details=[{"Message":"Properties.CanonicalName is invalid. Certificate creation requires hostname <hostname> added to an App Service in the serverFarm /subscriptions/<subscription>/resourceGroups/<resource_group>/providers/Microsoft.Web/serverfarms/<app_service_plan>."},{"Code":"BadRequest"},{"ErrorEntity":{"Code":"BadRequest","ExtendedCode":"51021","Message":"Properties.CanonicalName is invalid. Certificate creation requires hostname <hostname> added to an App Service in the serverFarm /subscriptions/<subscription>/resourceGroups/<resource_group>/providers/Microsoft.Web/serverfarms/<app_service_plan>.","MessageTemplate":"{0} is invalid. {1}","Parameters":["Properties.CanonicalName","Certificate creation requires hostname <hostname> added to an App Service in the serverFarm /subscriptions/<subscription>/resourceGroups/<resource_group>/providers/Microsoft.Web/serverfarms/<app_service_plan>."]}}]
This is also referenced here:
https://github.com/pulumi/pulumi-azure-native/issues/578
Any updates on this issue?