Azure Application gateway cannot upload pfx certificate

Question

For Application gateway all documentation says to upload pfx certificate but when I go to http settings for backend pool it only allows ".cer" certificate and it wont allow ".pfx" file to be uploaded, error displayed says wrong format ? m i doing something wrong or somehow Azure has changed functionality but documentation is still not uploaded . Strangely through this command I am able to upload PFX

az network application-gateway ssl-cert create

Screenshot attached

Update : I am trying to do this for an existing Application Gateway Update 2 : Strangely when I am creating a gateway Azure shows me option for PFX but I dont know why it become cer if I am trying to do this for an existing one.

Is this one of Microsoft's easter eggs??

i'm pretty sure it was pfx, maybe theres some dropdown to pick which certificate type to upload? — 4c74356b41, Jan 12 '18 at 10:49
help me with this ?? as till now I am pretty sure that I have lost half of my hairs. — BlindSniper, Jan 12 '18 at 10:51
no idea, i've just checked on my app gateway, says upload pfx and allows to input password — 4c74356b41, Jan 12 '18 at 10:55
humm let me try this with a windows VM it looks like that on windows it gives pfx and on linux it giver cer. Just a hunch — BlindSniper, Jan 12 '18 at 11:02
@BlindSniper You select a wrong entrance on Portal. https://imgur.com/a/c2xwZ — Shui shengbao, Jan 17 '18 at 02:32
@BlindSniper Do you see this screenshot https://imgur.com/a/c2xwZ ? My guess is right? — Shui shengbao, Jan 17 '18 at 07:08

Shui shengbao · Accepted Answer · 2018-01-17T07:03:45.370

2

It seems you select wrong entrance on Portal.

If you configure Add HTTP setting, you really need a .cer certificate.

More information please refer to this link.

The command az network application-gateway ssl-cert create is used for configure SSL. You could find it on Portal Settings--Listener.

edited Jan 17 '18 at 07:03

answered Jan 17 '18 at 02:30

Shui shengbao

18,746
3
27
45

Can you explain one more thing does this pfx certificate has any relation with cer certificate we upload in http settings – BlindSniper Jan 17 '18 at 07:00
@BlindSniper Based on my understanding, pfx certificate contains private key(cer file) and public key. – Shui shengbao Jan 17 '18 at 07:03
For `HTTP Settings`, it works for probe to check your web app service status, it only needs a private key no need public key. So, you only need upload a .cer file. – Shui shengbao Jan 17 '18 at 07:06
so just to confirm if I have a cert1.cer for a vm i need to upload it for http settings and also I need to convert that too pfx using its private key and upload that pfx file too. – BlindSniper Jan 17 '18 at 07:13
Yes, you are right. You need http setting for probe for checking web status. – Shui shengbao Jan 17 '18 at 07:15
If you have a pfx file and know the passphrase(.crt), you could export the private key(.cert). – Shui shengbao Jan 17 '18 at 07:18
I have a linux vm with which I am provided a cer file. so I uploaded tht cer file in http settings but when creating pfx it asked for private key which i didnt have.so I am in a fix – BlindSniper Jan 17 '18 at 07:22
Let us [continue this discussion in chat](http://chat.stackoverflow.com/rooms/163304/discussion-between-shengbao-shui-msft-and-blindsniper). – Shui shengbao Jan 17 '18 at 07:24

Azure Application gateway cannot upload pfx certificate

1 Answers1