A snippet for exporting an Azure App Service ssl certificate for use with Azure front door

Published on October 18, 2020

Azure app service ssl certificates do not have a password but other Azure services only allow importing of certificates with passwords set. So this is the openssl snippet required to export the certificate and add a password

Export you current certificate to a passwordless pem type

First you need to get the cert out of Azure keyvault. There is an export/download function for this on Azure.

Once you have the file you will need openssl.

openssl pkcs12 -in myappservicecertificate.pfx -out tmpmycert.pem -nodes

It might prompt you for a password here which is blank. Just hit enter.

Convert the passwordless pem to a new pfx file with password

openssl pkcs12 -export -out mypasswordedcert.pfx -in tmpmycert.pem

Now you will be prompted to enter the new password.

That’s it, now you can upload the password protected certificate to Azure front door or Azure Application Gateway

Darragh ORiordan

Hi! I'm Darragh ORiordan.

I live and work in Sydney, Australia enjoying the mountains and the ocean.

I build and support happy teams that create high quality software for the web.

Contact me on Twitter!

Sign up for the newsletter

Get new writings, curated tech articles and coding tips!

Read the Privacy Policy.