Error message occurs when trying to upload pfx certificate to App Service

Vincent Voorheijen 21 Reputation points
2020-12-09T13:40:32.973+00:00

Hello,

We have an App Service running containing a Wordpress instance.
I need to update the wildcard SSL certificate as it is about to run out.
From my Cert authority I have received pfx files, both with and without intermediate ca inside.

When trying to import it as a Private certificate I receive the following error:

46594-image.png

I cannot find any additional information.
Have tried to change the pfx password to a more simple password but to no avail.

What can be the cause of this?

Azure App Service
Azure App Service
Azure App Service is a service used to create and deploy scalable, mission-critical web apps.
6,852 questions
0 comments No comments
{count} votes

Accepted answer
  1. SnehaAgrawal-MSFT 18,286 Reputation points
    2020-12-17T06:14:08.457+00:00

    Update: The issue here was due to Insufficient rights which caused the useless error message. After granting the correct rights the problem was resolved.

    1 person found this answer helpful.

8 additional answers

Sort by: Most helpful
  1. Vincent Voorheijen 21 Reputation points
    2020-12-09T13:44:41.733+00:00

    App Service Plan is B1, which should allow for SSL Certificates. Also, the old currently installed certificates are properly binded and working.

    0 comments No comments

  2. SnehaAgrawal-MSFT 18,286 Reputation points
    2020-12-10T07:39:21.047+00:00

    Thanks for asking question! You may want to know that if you choose to upload or import a private certificate to App Service, your certificate must meet the following requirements:

    • Exported as a password-protected PFX file
    • Contains private key at least 2048 bits long
    • Contains all intermediate certificates in the certificate chain

    Reference: https://learn.microsoft.com/en-us/azure/app-service/configure-ssl-certificate#private-certificate-requirements

    Also, suggest you to access App Service diagnostics ; App Service diagnostics is an intelligent and interactive experience to help you troubleshoot your app with no configuration required.

    Navigate to your App Service web app in the Azure portal. In the left navigation, click on Diagnose and solve problems > click on SSL and Domains > select certificate upload operation

    46648-inkeddemo-li.jpg

    You may also refer to this blog on Common errors when uploading certificates to Azure App Service might be helpful.

    Let us know if you have further question on this.

    Disclaimer: This response contains a reference to a third-party World Wide Web site. Microsoft is providing this information as a convenience to you


  3. Vincent Voorheijen 21 Reputation points
    2020-12-10T09:34:36.767+00:00

    Hello,

    The certificate meets the requirements. This was checked with the Cert. Authority.
    Also tried to upload an older certificate which is in use at other App Services, fails with the same error: Upload for private certificate failed. Check the notification error for more details which leads me to believe the issue is on the Azure side.

    The password for the pfx must be correct. When changing the password the error changes telling me the password is incorrect.

    App Service Diagnostics shows no errors (No uploads either for that matter, which seems strange to me as I have tried it 4 times also with different certificates):
    46892-image.png

    After checking in the Resource Explorer there is no conflicting information which could keep this certificate from importing. All information in there is from current / older certificates.

    What I do find strange is that an installed certificate (Old certificate) shows a different Certification path:
    46866-image.png than on my computer while having the same Thumbprint:
    46845-image.png


  4. Vincent Voorheijen 21 Reputation points
    2020-12-11T08:23:12.337+00:00

    Sent the requested E-mail, will update this post when we have the solution.