Merge pull request #314240 from dlepow/dlepow-1775244929894

JillGrant615 · web-flow · commit 79f17a0dd739 · 2026-04-03T17:18:35.000-06:00
[APIM] Update managed-certificates-suspension-august-2025, configure-custom-domain
diff --git a/articles/api-management/TOC.yml b/articles/api-management/TOC.yml
@@ -745,7 +745,7 @@
       href: breaking-changes/git-configuration-retirement-march-2025.md
     - name: Direct management API retirement (March 2025)
       href: breaking-changes/direct-management-api-retirement-march-2025.md
-    - name: Managed certificates suspension (August 2025 - March 2026)
+    - name: Managed certificates suspension (August 2025 - June 2026)
       href: breaking-changes/managed-certificates-suspension-august-2025.md
     - name: ADAL-based identity provider retirement (September 2025)
       href: breaking-changes/identity-provider-adal-retirement-sep-2025.md
diff --git a/articles/api-management/breaking-changes/managed-certificates-suspension-august-2025.md b/articles/api-management/breaking-changes/managed-certificates-suspension-august-2025.md
@@ -1,28 +1,31 @@
 ---
 title: Azure API Management - Managed certificates suspension for custom domains (August 2025)
-description: Azure API Management is temporarily suspending creation of managed certificates for custom domains from August 15, 2025 to March 15, 2026 due to industry-wide changes in domain validation.
+description: Azure API Management is temporarily suspending creation of managed certificates for custom domains from August 15, 2025 to June 30, 2026 due to industry-wide changes in domain validation.
 services: api-management
 author: dlepow
 ms.service: azure-api-management
 ms.topic: reference
 ai-usage: ai-assisted
-ms.date: 02/06/2026
+ms.date: 04/03/2026
 ms.author: danlep
 ---
 
-# Creation of managed certificates temporarily suspended for custom domains (August 2025 - March 2026)
+# Creation of managed certificates temporarily suspended for custom domains (August 2025 - June 2026)
 
 [!INCLUDE [premium-dev-standard-basic.md](../../../includes/api-management-availability-premium-dev-standard-basic.md)]
 
-Creation of Azure-managed certificates for custom domains in API Management will be temporarily turned off from August 15, 2025 to March 15, 2026. Existing managed certificates will be autorenewed as long as your API Management service allows inbound traffic from DigiCert IP addresses on port 80 and DNS is properly configured.
+> [!IMPORTANT]
+> The suspension period for managed certificates was recently extended to June 30, 2026. 
+
+Creation of Azure-managed certificates for custom domains in API Management will be temporarily turned off from August 15, 2025 to June 30, 2026. Existing managed certificates will be autorenewed as long as your API Management service allows inbound traffic from DigiCert IP addresses on port 80 and DNS is properly configured.
 
 In the classic service tiers, Azure API Management offers [free, managed TLS certificates for custom domains](../configure-custom-domain.md#domain-certificate-options) (preview), allowing customers to secure their endpoints without purchasing and managing their own certificates. Because of an industry-wide deprecation of CNAME-based Domain Control Validation (DCV), our Certificate Authority (CA), DigiCert, is moving to a new open-source software (OSS) domain control validation (DCV) platform that provides transparency and accountability increasing the trustworthiness of domain validation. As part of this transition, DigiCert will deprecate support for the legacy CNAME Delegation DCV workflow. This migration requires us to temporarily suspend the creation of managed certificates for custom domains.
 
 Note that this does not impact the standard CNAME DCV workflow (where DigiCert validates a random value in the CNAME record) which is still supported in the OSS validation system. This change affects several Azure services that currently rely on the soon-to-be deprecated CNAME for automated certificate issuance and renewal.
 
 ## Is my service affected by this?
 
-You're affected if you plan to create new managed certificates for custom domains in Azure API Management between August 15, 2025 and March 15, 2026. 
+You're affected if you plan to create new managed certificates for custom domains in Azure API Management between August 15, 2025 and June 30, 2026. 
 
 As part of this change, starting January 2026, for Azure API Management to be able to renew (rotate) your existing managed certificate, inbound access is required on port 80 to allow [specific DigiCert IP addresses](https://knowledge.digicert.com/alerts/ip-address-domain-validation?utm_medium=organic&utm_source=docs-digicert&referrer=https://docs.digicert.com/en/certcentral/manage-certificates/domain-control-validation-methods/automatic-domain-control-validation-check.html). 
 
@@ -32,7 +35,7 @@ The suspension of managed certificates for custom domains will be enforced from
 
 ## What do I need to do?
 
-If you need to add new managed certificates, plan to do so before August 15, 2025 or after March 15, 2026. During the suspension period, you can still configure custom domains with certificates you manage from other sources.
+If you need to add new managed certificates, plan to do so before August 15, 2025 or after June 30, 2026. During the suspension period, you can still configure custom domains with certificates you manage from other sources.
 
 If you already have managed certificates for your custom domains, do the following to ensure continued access:
 
diff --git a/articles/api-management/configure-custom-domain.md b/articles/api-management/configure-custom-domain.md
@@ -7,7 +7,7 @@ author: dlepow
 
 ms.service: azure-api-management
 ms.topic: how-to
-ms.date: 07/25/2025
+ms.date: 04/03/2026
 ms.author: danlep
 ms.custom:
   - engagement-fy23
@@ -106,7 +106,7 @@ For more information, see [Use managed identities in Azure API Management](api-m
 API Management offers a free, managed TLS certificate for your domain, if you don't wish to purchase and manage your own certificate. The certificate is autorenewed automatically.
 
 > [!IMPORTANT]
-> **Creation of managed certificates for custom domains in API Management will be temporarily unavailable from August 15, 2025 to March 15, 2026.** Our Certificate Authority (CA), DigiCert, will migrate to a new validation platform to meet Multi-Perspective Issuance Corroboration (MPIC) requirements for issuing certificates. This migration requires us to temporarily suspend the creation of managed certificates for custom domains. [Learn more](breaking-changes/managed-certificates-suspension-august-2025.md)
+> **Creation of managed certificates for custom domains in API Management will be temporarily unavailable from August 15, 2025 to June 30, 2026.** Our Certificate Authority (CA), DigiCert, will migrate to a new validation platform to meet Multi-Perspective Issuance Corroboration (MPIC) requirements for issuing certificates. This migration requires us to temporarily suspend the creation of managed certificates for custom domains. [Learn more](breaking-changes/managed-certificates-suspension-august-2025.md)
 >
 > Existing managed certificates will be autorenewed and remain unaffected.
 >
