Share via

APIM managed certificates - should now be enabled

raklo 20 Reputation points
2026-03-17T09:32:12.59+00:00

based on this article: https://learn.microsoft.com/en-us/azure/api-management/breaking-changes/managed-certificates-suspension-august-2025 after15th March 2026. Managed certificates should be enabled.

Created new APIM of Standar tier and went to create custom domain of type Gateway. Certificate: Managed (preview)

Got this: API Management will suspend creation of managed certificates from August 15, 2025 to March 15, 2026, to migrate to a platform that meets Multi-Perspective Issuance Corroboration (MPIC) security requirements for issuing certificates. Existing managed certificates will be auto-renewed before the suspension date and continue to function normally. Learn more

When it will be enabled?

Azure API Management
Azure API Management

An Azure service that provides a hybrid, multi-cloud management platform for APIs.

2 answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. Pravallika KV 12,730 Reputation points Microsoft External Staff Moderator
    2026-03-26T18:18:32.53+00:00

    Hi @raklo ,@Davide Benvegnu ,@Estyfen Alzate parra

    As per the update received from the APIM team, Microsoft is still implementing changes related to the migration to the new validation platform. The suspension of the managed certificate feature, originally planned through March 15, 2026, has not yet been formally lifted. A revised availability date will be announced once these updates are complete.

    If your API Management instance continues to show the managed certificate feature in preview and it cannot be updated, this behavior is expected until the migration is finalized. Microsoft will update the documentation accordingly when the feature is restored.

    You may monitor the Azure API Management breaking changes page for announcements regarding the revised restoration date.

    1 person found this answer helpful.
    0 comments
  2. Q&A Assist
    2026-03-17T09:32:27.0233333+00:00
    AI generated content. This question contains an answer created with AI from Q&A Assist. Learn more

    The documentation states that creation of managed certificates for custom domains in Azure API Management is suspended from August 15, 2025 to March 15, 2026, and that the capability to create managed certificates will resume after the migration to the new validation platform is complete. It does not provide a more specific enablement date beyond “after March 15, 2026,” nor does it indicate that the feature is already re-enabled.

    During the suspension period, new managed certificates cannot be created, even on newly created API Management instances or when configuring a new custom domain. The supported workaround is to configure the custom domain using either:

    • A custom certificate (PFX) that meets the documented requirements, or
    • A certificate stored in Azure Key Vault, with proper managed identity and Key Vault permissions configured.

    Existing managed certificates continue to autorenew as long as:

    1. The API Management service allows inbound traffic from the required DigiCert IP addresses on port 80, and
    2. DNS is correctly configured for the custom domain.

    Because the documentation does not specify an exact date or portal behavior change beyond “after March 15, 2026,” any more precise timeline is not available. For now, plan to use custom or Key Vault certificates until the managed certificate creation capability is actually restored in the service.

    References:

    0 comments

Your answer

Answers can be marked as 'Accepted' by the question author and 'Recommended' by moderators, which helps users know the answer solved the author's problem.