Azure app service ssl certificates do not have a password but other Azure services only allow importing of certificates with passwords set. So this is the openssl snippet required to export the certificate and add a password
Export you current certificate to a passwordless pem type
First you need to get the cert out of Azure keyvault. There is an export/download function for this on Azure.
Once you have the file you will need openssl.
openssl pkcs12 -in myappservicecertificate.pfx -out tmpmycert.pem -nodes
It might prompt you for a password here which is blank. Just hit enter.
Convert the passwordless pem to a new pfx file with password
openssl pkcs12 -export -out mypasswordedcert.pfx -in tmpmycert.pem
Now you will be prompted to enter the new password.
That's it, now you can upload the password protected certificate to Azure front door or Azure Application Gateway