I purchased a wildcard certificate from Azure. It sits right in Key Vault. I need to upload it to our other server, which hosts 1 of our other applications on the same domain. There is no option to export the certificate as a .pfx file anywhere in the Azure portal. Please help.

You can create a local PFX copy of an Azure App Service certificate using PowerShell.

Provide appropriate values for the following variables and save the script as copyasc.ps1.

Variables:

    $appServiceCertificateName = "ascdemo"
    $resourceGroupName = "ascdemorg"
    $azureLoginEmailId = "user@microsoft.com"
    $subscriptionId = "fb2c25dc-6bab-45c4-8cc9-cece7c42a95a"

copyasc.ps1:

    $appServiceCertificateName = ""
    $resourceGroupName = ""
    $azureLoginEmailId = ""
    $subscriptionId = ""

    # Sign in and select the subscription that holds the certificate order.
    Login-AzureRmAccount
    Set-AzureRmContext -SubscriptionId $subscriptionId

    # Look up the App Service certificate order resource.
    $ascResource = Get-AzureRmResource -ResourceName $appServiceCertificateName -ResourceGroupName $resourceGroupName -ResourceType "Microsoft.CertificateRegistration/certificateOrders" -ApiVersion "2015-08-01"
    $keyVaultId = ""
    $keyVaultSecretName = ""

    # Read the Key Vault ID and secret name that back the certificate.
    $certificateProperties = Get-Member -InputObject $ascResource.Properties.certificates[0] -MemberType NoteProperty
    $certificateName = $certificateProperties[0].Name
    $keyVaultId = $ascResource.Properties.certificates[0].$certificateName.KeyVaultId
    $keyVaultSecretName = $ascResource.Properties.certificates[0].$certificateName.KeyVaultSecretName

    # Derive the vault name and its resource group from the resource ID.
    $keyVaultIdParts = $keyVaultId.Split("/")
    $keyVaultName = $keyVaultIdParts[$keyVaultIdParts.Length - 1]
    $keyVaultResourceGroupName = $keyVaultIdParts[$keyVaultIdParts.Length - 5]

    # Grant the signed-in user read access to secrets, then fetch the certificate secret.
    Set-AzureRmKeyVaultAccessPolicy -ResourceGroupName $keyVaultResourceGroupName -VaultName $keyVaultName -UserPrincipalName $azureLoginEmailId -PermissionsToSecrets get
    $secret = Get-AzureKeyVaultSecret -VaultName $keyVaultName -Name $keyVaultSecretName

    # Load the base64-encoded PFX with an exportable key and re-export it under a random password.
    $pfxCertObject = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2 -ArgumentList @([Convert]::FromBase64String($secret.SecretValueText), "", [System.Security.Cryptography.X509Certificates.X509KeyStorageFlags]::Exportable)
    $pfxPassword = -join ((65..90) + (97..122) + (48..57) | Get-Random -Count 50 | % {[char]$_})
    $currentDirectory = (Get-Location -PSProvider FileSystem).ProviderPath
    [Environment]::CurrentDirectory = (Get-Location -PSProvider FileSystem).ProviderPath
    [IO.File]::WriteAllBytes(".\appservicecertificate.pfx", $pfxCertObject.Export([System.Security.Cryptography.X509Certificates.X509ContentType]::Pkcs12, $pfxPassword))

    Write-Host "Created an App Service certificate copy at: $currentDirectory\appservicecertificate.pfx"
    Write-Warning "For security reasons, do not store the PFX password. Use it directly from the console as required."
    Write-Host "PFX password: $pfxPassword"

Type the following command in a PowerShell console to execute the script:

    powershell -ExecutionPolicy Bypass .\copyasc.ps1

You can find more details on the Azure App Service team blog: Creating a local PFX copy of App Service Certificate.

If you have an App Service certificate that you would like to use outside of the Azure App Service ecosystem, give this a try and let us know how it goes. If you run into any issues, please let us know on Stack Overflow or on the Azure App Service forum.
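
A follow-up check for the export above, as an added example that is not part of the original answer or the App Service team's script: it confirms the exported PFX loads with its private key, restricts the file's ACL to the current user, and removes the Key Vault access policy that copyasc.ps1 granted. The parameter names, the vault name and the UPN are placeholders, and it assumes the same AzureRM session is still signed in.

```powershell
# Added example (not from the original answer): verify the exported PFX and
# reduce what the export left behind. Vault name and UPN are placeholders.
param(
    [string]$PfxPath = ".\appservicecertificate.pfx",
    [string]$KeyVaultName = "<key-vault-name>",
    [string]$AzureLoginEmailId = "<user@example.com>"
)

$fullPath = (Resolve-Path -Path $PfxPath).ProviderPath

# Prompt for the password so it never lands in a file or in command history.
$securePassword = Read-Host -Prompt "PFX password" -AsSecureString

# Loading the file proves the password is correct and the PKCS#12 is well formed.
$cert = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2 `
    -ArgumentList @($fullPath, $securePassword)

# A PFX without the private key cannot serve TLS on the other server.
if (-not $cert.HasPrivateKey) {
    throw "The PFX at $fullPath does not contain a private key."
}

# Warn when the copy is already close to expiry (30 days is an arbitrary threshold).
if ($cert.NotAfter -lt (Get-Date).AddDays(30)) {
    Write-Warning "Certificate expires on $($cert.NotAfter)."
}

# Record the thumbprint so the certificate installed on the target server
# can be compared against the one held in Key Vault.
$cert | Select-Object Subject, Thumbprint, NotBefore, NotAfter, HasPrivateKey | Format-List

# Drop inherited ACEs and leave read access for the current user only.
$account = "$($env:USERDOMAIN)\$($env:USERNAME)"
icacls $fullPath /inheritance:r /grant:r "${account}:(R)" | Out-Null

# Remove the access policy granted for the export.
# Note: this removes ALL vault permissions for this user, including any held
# before copyasc.ps1 ran; skip this step if the user needs standing access.
Remove-AzureRmKeyVaultAccessPolicy -VaultName $KeyVaultName -UserPrincipalName $AzureLoginEmailId

Write-Host "Verified $fullPath. Delete the file once it is installed on the target server."
```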