Share via

Unable to create or delete certificate profiles

Aaron Robinson 5 Reputation points
2026-06-09T13:49:25.99+00:00

My artifact signing validation request was expired, so I renewed. I deleted the old certificate profile in order to create a new one linking it to the new validation request. But it won't allow me to create one or to delete the previous "Failed" attempts. So now I have no certificate profiles and two Failed profiles. This is preventing me from deploying signed artifacts and I can't find any solution. I'm on pay-as-you-go, so presumably this is related to a soft delete occupying my single certificate quota?

Artifact Signing
Artifact Signing

A fully managed end-to-end service for digitally signing code, documents, and applications. (formerly Trusted Signing)

2 answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. Aaron Robinson 5 Reputation points
    2026-06-10T12:28:39.7433333+00:00

    Was this answer helpful?

    0 comments

  2. AI answer

    2026-06-09T13:49:40.3933333+00:00

    Failed or soft-deleted certificate profiles do not consume the identity validation quota. The quota issue is not caused by soft delete.

    To resume signing after an identity validation expired and was renewed:

    1. Complete the renewed identity validation in the Azure portal
      • Go to the Artifact Signing account → Identity Validation.
      • Ensure the renewed identity validation status is Completed.
    2. Recreate the certificate profile and link it to the completed identity validation
      • From the Artifact Signing account overview (or Objects), select Certificate Profile.
      • Create a new certificate profile (you can reuse the old name).
      • In the creation flow, select the new, completed identity validation from the drop-down.
      • Once the certificate profile is created successfully, signing resumes with no changes required to existing metadata.json.
    3. Handling expired or failed identity validations
      • If the renewed identity validation shows Expired or produces validation errors when using Renew, a new identity validation must be created instead of renewing.
      • After creating and completing a new identity validation, repeat step 2 to create a new certificate profile linked to it.
    4. Deleting identity validation (only if unenrolling or cleaning up)
      • Identity validations can be deleted only when not In Progress.
      • Deleting an identity validation stops renewal of all certificate profiles linked to it across the subscription and cannot be undone, so only do this if intentionally stopping signing or fully unenrolling.

    If the portal still blocks creation of a new certificate profile after confirming that the identity validation is Completed, this is not explained by the documented behavior and requires direct support. Use Azure Support or Microsoft Q&A with the artifact-signing tag for assistance.

    References:

    AI-generated content may be incorrect. Read our transparency notes for more information.

    Was this answer helpful?

Your answer

Answers can be marked as 'Accepted' by the question author and 'Recommended' by moderators, which helps users know the answer solved the author's problem.