Can't upload an SSL certificate to Azure WebApp

Question

Can't upload an SSL certificate to Azure WebApp

Sergiy Korzh 0

I'm trying to upload my SSL certificate (a .pfx file), but I got the following response:

At least one certificate is not valid. Certificate failed validation because it could not be loaded

That's strange because this certificate was issued a few hours ago, and it looks totally OK if I add it to the Certificate Manager on Windows (see the screenshot below):
Certificate_KorzhStar_sshot

ajkuma 28,036 Reputation points Microsoft Employee Moderator

2023-06-12T14:25:39.0366667+00:00

@Sergiy Korzh , Just checking in to see if you had got a chance to see the previous response by Manu Philip. If the answer helped (pointed you in the right direction) > please click Accept Answer Or please share the requested/more info to help you better.
Manu Philip 20,206 Reputation points MVP Volunteer Moderator

2023-06-22T04:45:03.3766667+00:00

@Sergiy Korzh If the answer helped, please click 'Accept as answer' so that it can help others in the community looking for help on similar topics.

1 answer

Your answer

ajkuma 28,036 Reputation points Microsoft Employee Moderator

2023-06-12T14:25:39.0366667+00:00

@Sergiy Korzh , Just checking in to see if you had got a chance to see the previous response by Manu Philip. If the answer helped (pointed you in the right direction) > please click Accept Answer Or please share the requested/more info to help you better.
Manu Philip 20,206 Reputation points MVP Volunteer Moderator

2023-06-22T04:45:03.3766667+00:00

@Sergiy Korzh If the answer helped, please click 'Accept as answer' so that it can help others in the community looking for help on similar topics.

Answer 1

The reason for the error could be the certificate is not meeting the azure webapp requirements. You can try the following steps to resolve the issue.

Re-encrypt the pfx file in a windows machine so that you can encrypt the file using a password. Use the following command in PowerShell. Use a preferred password

Import-PfxCertificate -FilePath "path" -CertStoreLocation Cert:\LocalMachine\My -Password (ConvertTo-SecureString -String 'password' -AsPlainText -Force) -Exportable

Up on successful completion, you will find a thumbprint. Copy the thumbprint and use it in the following command to export the certificate

Export-PfxCertificate -Cert Microsoft.PowerShell.Security\Certificate::LocalMachine\My\<thumbprint> -FilePath 'newPfxcert.pfx' -Password (ConvertTo-SecureString -String 'password' -AsPlainText -Force)

The exported certificate should be usable in app services without any issues.

--please don't forget to upvote and Accept as answer if the reply is helpful--

Paul D 0 Reputation points

2023-09-29T09:51:27.78+00:00

The OP didn't comment, but I had the same problem and this was indeed the solution.

For reference, I got cheap SSL certificates, using my own CSR, used OpenSSL to create the pfx file, which was rejected by Azure, but re-exporting it in powershell did indeed work.

To me this feels like a problem with Azure, and potentially an unnecessary step?

Share via

Can't upload an SSL certificate to Azure WebApp

1 answer

Your answer