Closed namnguyenaurecon closed 1 year ago
Thanks for the feedback! We are routing this to the appropriate team for follow-up. cc @AzureAppServiceCLI, @antcp.
Author: | namnguyenaurecon |
---|---|
Assignees: | - |
Labels: | `Web Apps`, `Service Attention` |
Milestone: | - |
route to service team
@namnguyenaurecon could you please share the -debug
log for Get-AzWebAppCertificate
as well.
@Kotasudhakarreddy , thanks for the response, please see the debug logs below.
DEBUG: 8:08:47 AM - using account id 'masked@test.com'...
DEBUG: [Common.Authentication]: Authenticating using Account: 'masked@test.com', environment:
'AzureCloud', tenant: 'masked'
DEBUG: 8:08:47 AM - [SilentAuthenticator] Calling SharedTokenCacheCredential.GetTokenAsync -
TenantId:'masked', Scopes:'https://management.core.windows.net//.default',
AuthorityHost:'https://login.microsoftonline.com/', UserId:'masked@test.com'
DEBUG: SharedTokenCacheCredential.GetToken invoked. Scopes: [ https://management.core.windows.net//.default ]
ParentRequestId:
DEBUG: (False) MSAL 4.30.1.0 MSAL.Desktop Windows 10 Pro [10/06/2021 01:08:47 - ] Azure region was not configured or
could not be discovered. Not using a regional authority.
DEBUG: (False) MSAL 4.30.1.0 MSAL.Desktop Windows 10 Pro [10/06/2021 01:08:47] Found 1 cache accounts and 0 broker
accounts
DEBUG: (False) MSAL 4.30.1.0 MSAL.Desktop Windows 10 Pro [10/06/2021 01:08:47] Returning 1 accounts
DEBUG: (False) MSAL 4.30.1.0 MSAL.Desktop Windows 10 Pro [10/06/2021 01:08:47 - ] MSAL MSAL.Desktop with assembly
version '4.30.1.0'. CorrelationId(9b1ff6c5-b668-4e79-9cb5-1f1871d97ed6)
DEBUG: (False) MSAL 4.30.1.0 MSAL.Desktop Windows 10 Pro [10/06/2021 01:08:47 - ] === AcquireTokenSilent Parameters ===
DEBUG: (False) MSAL 4.30.1.0 MSAL.Desktop Windows 10 Pro [10/06/2021 01:08:47 - ] LoginHint provided: False
DEBUG: (False) MSAL 4.30.1.0 MSAL.Desktop Windows 10 Pro [10/06/2021 01:08:47 - ] Account provided: True
DEBUG: (False) MSAL 4.30.1.0 MSAL.Desktop Windows 10 Pro [10/06/2021 01:08:47 - ] ForceRefresh: False
DEBUG: (False) MSAL 4.30.1.0 MSAL.Desktop Windows 10 Pro [10/06/2021 01:08:47 - ]
=== Request Data ===
Authority Provided? - True
Scopes - https://management.core.windows.net//.default
Extra Query Params Keys (space separated) -
ApiId - AcquireTokenSilent
IsConfidentialClient - False
SendX5C - False
LoginHint ? False
IsBrokerConfigured - False
HomeAccountId - False
CorrelationId - 9b1ff6c5-b668-4e79-9cb5-1f1871d97ed6
DEBUG: (False) MSAL 4.30.1.0 MSAL.Desktop Windows 10 Pro [10/06/2021 01:08:47 - ] === Token Acquisition (SilentRequest)
started:
Authority Host: login.microsoftonline.com
DEBUG: (False) MSAL 4.30.1.0 MSAL.Desktop Windows 10 Pro [10/06/2021 01:08:47 - ] Azure region was not configured or
could not be discovered. Not using a regional authority.
DEBUG: (False) MSAL 4.30.1.0 MSAL.Desktop Windows 10 Pro [10/06/2021 01:08:47 - ] Access token is not expired.
Returning the found cache entry. [Current time (10/06/2021 01:08:47) - Expiration Time (10/06/2021 02:05:47 +00:00) -
Extended Expiration Time (10/06/2021 02:05:47 +00:00)]
DEBUG: (False) MSAL 4.30.1.0 MSAL.Desktop Windows 10 Pro [10/06/2021 01:08:47 - ] Returning access token found in
cache. RefreshOn exists ? False
DEBUG: (False) MSAL 4.30.1.0 MSAL.Desktop Windows 10 Pro [10/06/2021 01:08:47 - ] Fetched access token from host
login.microsoftonline.com.
DEBUG: (False) MSAL 4.30.1.0 MSAL.Desktop Windows 10 Pro [10/06/2021 01:08:47 - ] === Token Acquisition finished
successfully. An access token was returned with Expiration Time: 10/06/2021 02:05:47 +00:00 and Scopes
https://management.core.windows.net//user_impersonation https://management.core.windows.net//.default
DEBUG: SharedTokenCacheCredential.GetToken succeeded. Scopes: [ https://management.core.windows.net//.default ]
ParentRequestId: ExpiresOn: 2021-10-06T02:05:47.0000000+00:00
DEBUG: [Common.Authentication]: Received token with LoginType 'User', Tenant: 'masked',
UserId: 'masked@test.com'
DEBUG: [Common.Authentication]: Authenticating using Account: 'masked@test.com', environment:
'AzureCloud', tenant: 'masked'
DEBUG: 8:08:47 AM - [SilentAuthenticator] Calling SharedTokenCacheCredential.GetTokenAsync -
TenantId:'masked', Scopes:'https://management.core.windows.net//.default',
AuthorityHost:'https://login.microsoftonline.com/', UserId:'masked@test.com'
DEBUG: SharedTokenCacheCredential.GetToken invoked. Scopes: [ https://management.core.windows.net//.default ]
ParentRequestId:
DEBUG: (False) MSAL 4.30.1.0 MSAL.Desktop Windows 10 Pro [10/06/2021 01:08:47 - ] Azure region was not configured or
could not be discovered. Not using a regional authority.
DEBUG: (False) MSAL 4.30.1.0 MSAL.Desktop Windows 10 Pro [10/06/2021 01:08:47] Found 1 cache accounts and 0 broker
accounts
DEBUG: (False) MSAL 4.30.1.0 MSAL.Desktop Windows 10 Pro [10/06/2021 01:08:47] Returning 1 accounts
DEBUG: (False) MSAL 4.30.1.0 MSAL.Desktop Windows 10 Pro [10/06/2021 01:08:47 - ] MSAL MSAL.Desktop with assembly
version '4.30.1.0'. CorrelationId(91783728-0697-4488-b2ea-801ed15ba9e6)
DEBUG: (False) MSAL 4.30.1.0 MSAL.Desktop Windows 10 Pro [10/06/2021 01:08:47 - ] === AcquireTokenSilent Parameters ===
DEBUG: (False) MSAL 4.30.1.0 MSAL.Desktop Windows 10 Pro [10/06/2021 01:08:47 - ] LoginHint provided: False
DEBUG: (False) MSAL 4.30.1.0 MSAL.Desktop Windows 10 Pro [10/06/2021 01:08:47 - ] Account provided: True
DEBUG: (False) MSAL 4.30.1.0 MSAL.Desktop Windows 10 Pro [10/06/2021 01:08:47 - ] ForceRefresh: False
DEBUG: (False) MSAL 4.30.1.0 MSAL.Desktop Windows 10 Pro [10/06/2021 01:08:47 - ]
=== Request Data ===
Authority Provided? - True
Scopes - https://management.core.windows.net//.default
Extra Query Params Keys (space separated) -
ApiId - AcquireTokenSilent
IsConfidentialClient - False
SendX5C - False
LoginHint ? False
IsBrokerConfigured - False
HomeAccountId - False
CorrelationId - 91783728-0697-4488-b2ea-801ed15ba9e6
DEBUG: (False) MSAL 4.30.1.0 MSAL.Desktop Windows 10 Pro [10/06/2021 01:08:47 - ] === Token Acquisition (SilentRequest)
started:
Authority Host: login.microsoftonline.com
DEBUG: (False) MSAL 4.30.1.0 MSAL.Desktop Windows 10 Pro [10/06/2021 01:08:47 - ] Azure region was not configured or
could not be discovered. Not using a regional authority.
DEBUG: (False) MSAL 4.30.1.0 MSAL.Desktop Windows 10 Pro [10/06/2021 01:08:47 - ] Access token is not expired.
Returning the found cache entry. [Current time (10/06/2021 01:08:47) - Expiration Time (10/06/2021 02:05:47 +00:00) -
Extended Expiration Time (10/06/2021 02:05:47 +00:00)]
DEBUG: (False) MSAL 4.30.1.0 MSAL.Desktop Windows 10 Pro [10/06/2021 01:08:47 - ] Returning access token found in
cache. RefreshOn exists ? False
DEBUG: (False) MSAL 4.30.1.0 MSAL.Desktop Windows 10 Pro [10/06/2021 01:08:47 - ] Fetched access token from host
login.microsoftonline.com.
DEBUG: (False) MSAL 4.30.1.0 MSAL.Desktop Windows 10 Pro [10/06/2021 01:08:47 - ] === Token Acquisition finished
successfully. An access token was returned with Expiration Time: 10/06/2021 02:05:47 +00:00 and Scopes
https://management.core.windows.net//user_impersonation https://management.core.windows.net//.default
DEBUG: SharedTokenCacheCredential.GetToken succeeded. Scopes: [ https://management.core.windows.net//.default ]
ParentRequestId: ExpiresOn: 2021-10-06T02:05:47.0000000+00:00
DEBUG: [Common.Authentication]: Received token with LoginType 'User', Tenant: 'masked',
UserId: 'masked@test.com'
DEBUG: [Common.Authentication]: Authenticating using Account: 'masked@test.com', environment:
'AzureCloud', tenant: 'masked'
DEBUG: 8:08:47 AM - [SilentAuthenticator] Calling SharedTokenCacheCredential.GetTokenAsync -
TenantId:'masked', Scopes:'https://management.core.windows.net//.default',
AuthorityHost:'https://login.microsoftonline.com/', UserId:'masked@test.com'
DEBUG: SharedTokenCacheCredential.GetToken invoked. Scopes: [ https://management.core.windows.net//.default ]
ParentRequestId:
DEBUG: (False) MSAL 4.30.1.0 MSAL.Desktop Windows 10 Pro [10/06/2021 01:08:47 - ] Azure region was not configured or
could not be discovered. Not using a regional authority.
DEBUG: (False) MSAL 4.30.1.0 MSAL.Desktop Windows 10 Pro [10/06/2021 01:08:47] Found 1 cache accounts and 0 broker
accounts
DEBUG: (False) MSAL 4.30.1.0 MSAL.Desktop Windows 10 Pro [10/06/2021 01:08:47] Returning 1 accounts
DEBUG: (False) MSAL 4.30.1.0 MSAL.Desktop Windows 10 Pro [10/06/2021 01:08:47 - ] MSAL MSAL.Desktop with assembly
version '4.30.1.0'. CorrelationId(0af4ae51-2a8b-4334-b26e-efe97b791d07)
DEBUG: (False) MSAL 4.30.1.0 MSAL.Desktop Windows 10 Pro [10/06/2021 01:08:47 - ] === AcquireTokenSilent Parameters ===
DEBUG: (False) MSAL 4.30.1.0 MSAL.Desktop Windows 10 Pro [10/06/2021 01:08:47 - ] LoginHint provided: False
DEBUG: (False) MSAL 4.30.1.0 MSAL.Desktop Windows 10 Pro [10/06/2021 01:08:47 - ] Account provided: True
DEBUG: (False) MSAL 4.30.1.0 MSAL.Desktop Windows 10 Pro [10/06/2021 01:08:47 - ] ForceRefresh: False
DEBUG: (False) MSAL 4.30.1.0 MSAL.Desktop Windows 10 Pro [10/06/2021 01:08:47 - ]
=== Request Data ===
Authority Provided? - True
Scopes - https://management.core.windows.net//.default
Extra Query Params Keys (space separated) -
ApiId - AcquireTokenSilent
IsConfidentialClient - False
SendX5C - False
LoginHint ? False
IsBrokerConfigured - False
HomeAccountId - False
CorrelationId - 0af4ae51-2a8b-4334-b26e-efe97b791d07
DEBUG: (False) MSAL 4.30.1.0 MSAL.Desktop Windows 10 Pro [10/06/2021 01:08:47 - ] === Token Acquisition (SilentRequest)
started:
Authority Host: login.microsoftonline.com
DEBUG: (False) MSAL 4.30.1.0 MSAL.Desktop Windows 10 Pro [10/06/2021 01:08:47 - ] Azure region was not configured or
could not be discovered. Not using a regional authority.
DEBUG: (False) MSAL 4.30.1.0 MSAL.Desktop Windows 10 Pro [10/06/2021 01:08:47 - ] Access token is not expired.
Returning the found cache entry. [Current time (10/06/2021 01:08:47) - Expiration Time (10/06/2021 02:05:47 +00:00) -
Extended Expiration Time (10/06/2021 02:05:47 +00:00)]
DEBUG: (False) MSAL 4.30.1.0 MSAL.Desktop Windows 10 Pro [10/06/2021 01:08:47 - ] Returning access token found in
cache. RefreshOn exists ? False
DEBUG: (False) MSAL 4.30.1.0 MSAL.Desktop Windows 10 Pro [10/06/2021 01:08:47 - ] Fetched access token from host
login.microsoftonline.com.
DEBUG: (False) MSAL 4.30.1.0 MSAL.Desktop Windows 10 Pro [10/06/2021 01:08:47 - ] === Token Acquisition finished
successfully. An access token was returned with Expiration Time: 10/06/2021 02:05:47 +00:00 and Scopes
https://management.core.windows.net//user_impersonation https://management.core.windows.net//.default
DEBUG: SharedTokenCacheCredential.GetToken succeeded. Scopes: [ https://management.core.windows.net//.default ]
ParentRequestId: ExpiresOn: 2021-10-06T02:05:47.0000000+00:00
DEBUG: [Common.Authentication]: Received token with LoginType 'User', Tenant: 'masked',
UserId: 'masked@test.com'
DEBUG: ============================ HTTP REQUEST ============================
HTTP Method:
GET
Absolute Uri:
https://management.azure.com/subscriptions/masked/resourceGroups/com-pep-uat/resources?$f
ilter=resourceType eq 'Microsoft.Web/Certificates'&api-version=2016-09-01
Headers:
x-ms-client-request-id : 48c78839-c424-4a15-a7d9-1ff731ee44ba
accept-language : en-US
Body:
DEBUG: ============================ HTTP RESPONSE ============================
Status Code:
OK
Headers:
Pragma : no-cache
x-ms-ratelimit-remaining-subscription-reads: 11999
x-ms-request-id : 76094598-d3b4-4c7d-8ff7-7fec19f6c205
x-ms-correlation-request-id : 76094598-d3b4-4c7d-8ff7-7fec19f6c205
x-ms-routing-request-id : SOUTHEASTASIA:20211006T010850Z:76094598-d3b4-4c7d-8ff7-7fec19f6c205
Strict-Transport-Security : max-age=31536000; includeSubDomains
X-Content-Type-Options : nosniff
Cache-Control : no-cache
Date : Wed, 06 Oct 2021 01:08:50 GMT
Body:
{
"value": [
{
"id":
"/subscriptions/masked/resourceGroups/com-pep-uat/providers/Microsoft.Web/certificates/C8
DD689F11E9FE3B39663024A19F27C67B3086C5__Australia East_com-pep-uat",
"name": "masked__Australia East_com-pep-uat",
"type": "Microsoft.Web/certificates",
"location": "australiaeast"
}
]
}
DEBUG: ============================ HTTP REQUEST ============================
HTTP Method:
GET
Absolute Uri:
https://management.azure.com/subscriptions/masked/resourceGroups/com-pep-uat/providers/Mi
crosoft.Web/certificates/masked__Australia East_com-pep-uat?api-version=2020-06-01
Headers:
x-ms-client-request-id : 48c78839-c424-4a15-a7d9-1ff731ee44ba
accept-language : en-US
Body:
DEBUG: ============================ HTTP RESPONSE ============================
Status Code:
OK
Headers:
Pragma : no-cache
Strict-Transport-Security : max-age=31536000; includeSubDomains
x-ms-request-id : 95e8ab35-b6d9-4137-ac89-535ba6e826b9
x-ms-ratelimit-remaining-subscription-reads: 11999
x-ms-correlation-request-id : a796a3e0-ccc2-4271-93fd-4fa42aa747eb
x-ms-routing-request-id : SOUTHEASTASIA:20211006T010851Z:a796a3e0-ccc2-4271-93fd-4fa42aa747eb
X-Content-Type-Options : nosniff
Cache-Control : no-cache
Date : Wed, 06 Oct 2021 01:08:50 GMT
Server : Microsoft-IIS/10.0
X-AspNet-Version : 4.0.30319
X-Powered-By : ASP.NET
Body:
{
"id":
"/subscriptions/masked/resourceGroups/com-pep-uat/providers/Microsoft.Web/certificates/C8
DD689F11E9FE3B39663024A19F27C67B3086C5__Australia East_com-pep-uat",
"name": "masked__Australia East_com-pep-uat",
"type": "Microsoft.Web/certificates",
"location": "Australia East",
"properties": {
"password": null,
"friendlyName": "",
"subjectName": "*.masked,masked",
"hostNames": [
"*.masked",
"masked"
],
"pfxBlob": null,
"siteName": null,
"selfLink": null,
"issuer": "Go Daddy Secure Certificate Authority - G2",
"issueDate": "2021-07-07T06:36:52+07:00",
"expirationDate": "2022-07-07T06:36:52+07:00",
"thumbprint": "masked",
"valid": null,
"toDelete": null,
"cerBlob": null,
"publicKeyHash": null,
"hostingEnvironment": null,
"hostingEnvironmentProfile": null,
"keyVaultSecretStatus": "Initialized",
"webSpace": "com-pep-uat-AustraliaEastwebspace-Xenon",
"serverFarmId": null,
"tags": null,
"resourceGroup": "com-pep-uat"
}
}
FriendlyName :
SubjectName : *.masked,masked
HostNames : {*.masked, masked}
PfxBlob :
SiteName :
SelfLink :
Issuer : Go Daddy Secure Certificate Authority - G2
IssueDate : 7/6/2021 11:36:52 PM
ExpirationDate : 7/6/2022 11:36:52 PM
Password :
Thumbprint : masked
Valid :
CerBlob :
PublicKeyHash :
HostingEnvironmentProfile :
KeyVaultId :
KeyVaultSecretName :
KeyVaultSecretStatus : Initialized
ServerFarmId :
CanonicalName :
Id : /subscriptions/masked/resourceGroups/com-pep-uat/providers/Mi
crosoft.Web/certificates/masked__Australia
East_com-pep-uat
Name : masked__Australia East_com-pep-uat
Kind :
Location : Australia East
Type : Microsoft.Web/certificates
Tags :
DEBUG: AzureQoSEvent: Module: Az.Websites:2.8.2; CommandName: Get-AzWebAppCertificate; PSVersion: 5.1.19041.1237;
IsSuccess: True; Duration: 00:00:05.7730692
DEBUG: Finish sending metric.
DEBUG: 8:08:54 AM - GetAzureWebAppCertificate end processing.
Unable to repro.
Describe the bug
I've got exactly the same issue that has been logged here https://github.com/Azure/azure-cli/issues/18216, the certificates are returned when using
Get-AzWebAppCertificate
but not returned when usingaz webapp config ssl list
Expected behavior
It should return the list of certificates.
Environment summary
Additional context
Output from --debug flag (I've filtered out the subscription id):