Merge pull request #118756 from komayama/patch-9

Jak-MS · web-flow · commit eecb12fb486c · 2024-02-06T16:26:28.000-06:00
For Sub Domain verification the domain verification token needs to be added to the root domain.
diff --git a/articles/app-service/configure-ssl-app-service-certificate.md b/articles/app-service/configure-ssl-app-service-certificate.md
@@ -98,7 +98,7 @@ The following domain verification methods are supported:
 | **App Service Verification** | The most convenient option when the domain is already mapped to an App Service app in the same subscription because the App Service app has already verified the domain ownership. Review the last step in [Confirm domain ownership](#confirm-domain-ownership). |
 | **Domain Verification** | Confirm an [App Service domain that you purchased from Azure](manage-custom-dns-buy-domain.md). Azure automatically adds the verification TXT record for you and completes the process. |
 | **Mail Verification** | Confirm the domain by sending an email to the domain administrator. Instructions are provided when you select the option. |
-| **Manual Verification** | Confirm the domain by using either a DNS TXT record or an HTML page, which applies only to **Standard** certificates per the following note.  The steps are provided after you select the option. The HTML page option doesn't work for web apps with "HTTPS Only' enabled. |
+| **Manual Verification** | Confirm the domain by using either a DNS TXT record or an HTML page, which applies only to **Standard** certificates per the following note.  The steps are provided after you select the option. The HTML page option doesn't work for web apps with "HTTPS Only' enabled. For subdomain verification, the domain verification token needs to be added to the root domain. |
 
 > [!IMPORTANT]
 > With the **Standard** certificate, you get a certificate for the requested top-level domain *and* the `www` subdomain, for example, `contoso.com` and `www.contoso.com`. However, **App Service Verification** and **Manual Verification** both use HTML page verification, which doesn't support the `www` subdomain when issuing, rekeying, or renewing a certificate. For the **Standard** certificate, use **Domain Verification** and **Mail Verification** to include the `www` subdomain with the requested top-level domain in the certificate.
