Vendor hosting a Web App in azure, is asking for a PFX certificate

Michael J. Smith 1 Reputation point
2020-12-07T23:20:20.337+00:00

We have a vendor that hosts the Web App Intelledoc's for us. Recent changes from Google have been causing the site to get flagged as "unsafe" - "Warning Deceptive Site ahead".
https://security.googleblog.com/2019/06/new-chrome-protections-from-deception.html

The vendor has asked us to provide them a PFX certificate for subdomains to essentially: "have these sites validated by the customer by incorporating them into the customers internet domain. "

However, I have a great many reservations about doing this, as I've been told to NEVER give a 3rd party a PFX cert.
I know you can use PFX certs with Azure Web Apps, but that's presuming you're using them in your environment, not giving them to someone else's azure environment.

1: Am I correct in being resistant to this suggestion?
2: If there another way to accomplish the same objective without giving them a PFX cert?

Apologies, but I just don't deal with certificates very often. Perhaps once every year or two??

Azure App Service
Azure App Service
Azure App Service is a service used to create and deploy scalable, mission-critical web apps.
6,815 questions
{count} votes

1 answer

Sort by: Most helpful
  1. SnehaAgrawal-MSFT 18,191 Reputation points
    2020-12-11T12:01:44.637+00:00

    Thanks for reply! If your app has no certificate for the selected custom domain, then you have following lists of options for adding certificates in Azure App Service.

    47431-cert.png

    Reference: https://learn.microsoft.com/en-us/azure/app-service/configure-ssl-certificate

    0 comments No comments