A snippet for exporting an Azure App Service ssl certificate for use with Azure front door

Azure app service ssl certificates do not have a password but other Azure services only allow importing of certificates with passwords set. So this is the openssl snippet required to export the certificate and add a password

Export you current certificate to a passwordless pem type

First you need to get the cert out of Azure keyvault. There is an export/download function for this on Azure.

Once you have the file you will need openssl.

openssl pkcs12 -in myappservicecertificate.pfx -out tmpmycert.pem -nodes

It might prompt you for a password here which is blank. Just hit enter.

Convert the passwordless pem to a new pfx file with password

openssl pkcs12 -export -out mypasswordedcert.pfx -in tmpmycert.pem

Now you will be prompted to enter the new password.

That's it, now you can upload the password protected certificate to Azure front door or Azure Application Gateway