This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(89.60000000000001, 80%, 18%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EFG%3C/text%3E%3C/svg%3E)
Our Application Gateway for Containers deployed in our AKS cluster, during some specific error conditions (that we cannot quite identify) responds to customer requests with a cached version of an old certificate (expired) that do NOT exist in our cluster secrets.
How can we somehow reset/disable that cached response when something goes wrong in the cluster?
Thanks for posting your question in the Microsoft Q&A forum.
Run the following command to force an update to the Application Gateway configuration:
az network application-gateway frontend-cert update --gateway-name <app-gw-name> --resource-group <resource-group> --name <cert-name> --cert-file <path-to-new-cert> --cert-password <password>
Even if the certificate exists, this forces a refresh.
If you suspect a caching issue, restart the related pods in the azure-application-gateway namespace:
kubectl rollout restart deployment <app-gateway-deployment-name> -n azure-application-gateway
If using an ingress controller, redeploy it:
kubectl delete pod -l app=<ingress-controller-label> -n <namespace>
Please don't forget to close up the thread here by upvoting and accept it as an answer if it is helpful
Thanks for your feedback!!
I've tried all the suggestions but not the az command update/refresh.
az network application-gateway frontend-cert update --gateway-name <app-gw-name> --resource-group <resource-group> --name <cert-name> --cert-file <path-to-new-cert> --cert-password <password>
We will try that to see if it solves the problem ..
Thanks again for your help!