This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(96, 90%, 19%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EF%3C/text%3E%3C/svg%3E)
Hi,
I've a problem with uploading a .pfx certificate (with all the necessary requirements according the documentation) when trying to add a tls binding to a custom domain for a function app.
I've exported my keypair from keystore explorer as a .pfx format.
I tripled checked everything in the certificate & tried already different solutions.... root & intermediate are present, it's a global sign certificate.
Tried to do it with openssl pkcs12 -export command... nothing works.
This certificate is also used in the listener of the app gateway...
Does anyone have an idea?
Thanks & Kr!
Hi,
Yes, we do meet all those requirements.
I managed to upload the certificate by a different way now.
I was able to import it in a keyvault and binding it to the app by the keyvault.
Kr
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(185.6, 59%, 27%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESM%3C/text%3E%3C/svg%3E)
Thanks for reaching here!
If you choose to upload or import a private certificate to App Service, your certificate must meet the following requirements:
Further, to secure a custom domain in a TLS binding, the certificate has more requirements:
Could you please confirm above requirements, let us know if issue remains.