Unable to deploy to AppService using management certificate

Since about 3 weeks ago we haven’t been able to deploy to an App Service/Webapp using a management certificate.

The error we get is: Could not find Azure WebSite ‘web-app-name’ in subscription ‘xxxxx-8460-401d-bbd4-xxxxx’

16:10:54 Verbose | Removed 'add' element 16:10:54 Verbose | Done executing Remove 16:10:54 Info | Deploying to Azure WebApp 'xxxx-xxxx-xxxx-webapp', using subscription-id 'xxxxx-8460-401d-xxxxx-xxxxx' 16:10:54 Verbose | servicemanagement endpoint is https://management.core.windows.net/ 16:10:56 Error | Could not find Azure WebSite 'xxxx-xxxx-xxxx-webapp' in subscription 'xxxxx-8460-401d-xxxxx-xxxxx' 16:10:56 Error | Running rollback conventions... 16:10:56 Error | Could not find Azure WebSite 'xxxx-xxxx-xxxx-webapp' in subscription 'xxxxx-8460-401d-xxxxx-xxxxx' 16:10:56 Verbose | Updating manifest with output variables 16:10:56 Verbose | Updating manifest with action evaluated variables 16:10:56 Fatal | The remote script failed with exit code 1 16:10:56 Verbose | at Octopus.Worker.Scripting.ScriptResult.EnsureSuccessful() | at Octopus.Server.Orchestration.Deploy.Azure.AzureActionHandlerBase.Execute(ActionCommand command, Machine machine) | at Octopus.Server.Orchestration.Deploy.DeploymentTaskController.<>c__DisplayClass29_0.<ExecuteActionAndInitLoggingContext>b__0() | at Octopus.Server.Orchestration.Deploy.DeploymentTaskController.ExecuteWithTransientErrorDetection(Action action, Machine machine) | at Octopus.Server.Orchestration.Deploy.DeploymentTaskController.ExecuteActionAndInitLoggingContext(PlannedStep step, Machine machine, PlannedAction action) 16:10:56 Fatal | DeploySignalR on the Octopus Server

Changing to using a Service Principle works OK, the application deploys.

The issue is that we use Cloud Services and we’re unable to deploy to them with a Service Principle, only using a Management Certificate works.

This is all in the same subscription, the connection tests pass OK.

Just looking for some info/pointers or has anyone else had this issue?

HI Alexey,

Thanks for getting in touch! Sorry about the confusion this change of behavior has caused you. This seems to be due to some additional recent changes made on the Azure side. To address this, you should be able to create two separate accounts in Octopus (management certificate and service principal) with the single subscription. You could then use the relevant account when deploying the web app/cloud service.

I hope this helps! Let me know how you go or if you have any further questions or concerns moving forward. :slight_smile:

Best regards,