Hi,
Yes, you can use App Service Certificate with Application Gateway, and you can also export it and import it into the certificate store on a VM so that it can be used with IIS.
What I prefer is to purchase from a third-party provider, since the cost is way lower ($4-$7/year for third-party vs $70/year for App Service Certificate). A third-party certificate works just as well, and there isn't much convenience in using App Service Certificate with Application Gateway or a VM.
The article below describes how to export an App Service Certificate to a .pfx file so that you can import it into the VM's Local Computer\Personal store using certlm.msc (make sure to select "Mark this key as exportable" when importing into the VM):
Once the certificate and its private key are imported into the VM, you can export it back out to a .pfx file and assign a password; that way you can easily upload it to your Application Gateway listener. I find this method easier than pulling it from Key Vault for use with appgw, but you can use whichever method you prefer.
Configuring App Service Certificate in Application Gateway
If something above isn't clear or you have questions, please add a comment below.
Please click Accept Answer and upvote if the above was helpful.
Thanks.
-TP
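
The import, re-export and upload steps described in the answer above, written as PowerShell; this is an added example, not part of the original answer. All paths and resource names are placeholders, and it assumes an elevated session on the VM, the Az.Network module with a signed-in `Connect-AzAccount` context, and a source .pfx with an empty password.

```powershell
# Added example. Every path and name below is a placeholder.
$sourcePfx = 'C:\certs\appservicecert.pfx'   # file exported from App Service Certificate
$gwPfx     = 'C:\certs\appgw-listener.pfx'   # password-protected copy for the gateway
$rgName    = 'my-resource-group'
$gwName    = 'my-appgw'
$certName  = 'appservice-cert'

# Import into Local Computer\Personal with an exportable private key
# (the "Mark this key as exportable" option in the certlm.msc wizard).
# Assumption: the source .pfx has an empty password, so -Password is omitted.
$cert = Import-PfxCertificate -FilePath $sourcePfx `
            -CertStoreLocation 'Cert:\LocalMachine\My' -Exportable |
        Where-Object { $_.HasPrivateKey } |
        Select-Object -First 1

if (-not $cert) {
    throw 'No certificate with a private key was imported.'
}

# Export it back out to a .pfx and assign a password.
$pfxPassword = Read-Host -Prompt 'Password for the new .pfx' -AsSecureString
Export-PfxCertificate -Cert $cert -FilePath $gwPfx -Password $pfxPassword | Out-Null

# Upload the password-protected .pfx to the Application Gateway.
$gw = Get-AzApplicationGateway -Name $gwName -ResourceGroupName $rgName
$gw = Add-AzApplicationGatewaySslCertificate -ApplicationGateway $gw `
          -Name $certName -CertificateFile $gwPfx -Password $pfxPassword
Set-AzApplicationGateway -ApplicationGateway $gw | Out-Null

# The .pfx files hold the private key; delete them once the upload succeeds.
Remove-Item -Path $sourcePfx, $gwPfx
```

The script only adds the certificate to the gateway; selecting it on an HTTPS listener is a separate step. The exportable key stays in the VM's store, so anyone with administrator rights on that VM can export it again.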