A snippet for exporting an Azure App Service ssl certificate for use with Azure front door

October 18, 2020

Azure app service ssl certificates do not have a password but other Azure services only allow importing of certificates with passwords set. So this is the openssl snippet required to export the certificate and add a password

Export you current certificate to a passwordless pem type

First you need to get the cert out of Azure keyvault. There is an export/download function for this on Azure.

Once you have the file you will need openssl.

openssl pkcs12 -in myappservicecertificate.pfx -out tmpmycert.pem -nodes

It might prompt you for a password here which is blank. Just hit enter.

Convert the passwordless pem to a new pfx file with password

openssl pkcs12 -export -out mypasswordedcert.pfx -in tmpmycert.pem

Now you will be prompted to enter the new password.


Darragh ORiordan

Hi! I'm Darragh ORiordan.

I live and work in Sydney, Australia enjoying the mountains and the ocean.

I build and support happy teams that create high quality software for the web.

Contact me on Twitter!


Get new posts, curated tech articles and coding tips!