Share via


az network application-gateway ssl-cert

Manage SSL certificates of an application gateway.

For more information visit https://learn.microsoft.com/en-us/azure/application-gateway/tutorial-ssl-cli.

Commands

Name Description Type Status
az network application-gateway ssl-cert create

Upload an SSL certificate.

Core GA
az network application-gateway ssl-cert delete

Delete an SSL certificate.

Core GA
az network application-gateway ssl-cert list

List SSL certificates.

Core GA
az network application-gateway ssl-cert show

Get the details of an SSL certificate.

Core GA
az network application-gateway ssl-cert update

Update an SSL certificate.

Core GA
az network application-gateway ssl-cert wait

Place the CLI in a waiting state until a condition is met.

Core GA

az network application-gateway ssl-cert create

Upload an SSL certificate.

az network application-gateway ssl-cert create --gateway-name
                                               --name
                                               --resource-group
                                               [--cert-file]
                                               [--cert-password]
                                               [--key-vault-secret-id]
                                               [--no-wait {0, 1, f, false, n, no, t, true, y, yes}]

Examples

Upload an SSL certificate via --cert-file and --cert-password.

az network application-gateway ssl-cert create -g MyResourceGroup --gateway-name MyAppGateway -n MySSLCert --cert-file FilePath --cert-password Abc123

Upload an SSL certificate via --key-vault-secret-id of a KeyVault Certificate.

az keyvault certificate create --vault-name MyKeyVault --name MyCertificate --policy "$(az keyvault certificate get-default-policy)"
az network application-gateway ssl-cert create --resource-group MyResourceGroup --gateway-name MyAppGateway -n MySSLCert --key-vault-secret-id MyCertificateSecretID

Required Parameters

--gateway-name

Name of the application gateway.

--name -n

Name of the SSL certificate.

--resource-group -g

Name of resource group. You can configure the default group using az configure --defaults group=<name>.

Optional Parameters

--cert-file

Path to the pfx certificate file.

--cert-password

Certificate password.

--key-vault-secret-id

Secret ID of (base-64 encoded unencrypted pfx) Secret or Certificate object stored in Azure KeyVault.

--no-wait

Do not wait for the long-running operation to finish.

Accepted values: 0, 1, f, false, n, no, t, true, y, yes
Global Parameters
--debug

Increase logging verbosity to show all debug logs.

--help -h

Show this help message and exit.

--only-show-errors

Only show errors, suppressing warnings.

--output -o

Output format.

Accepted values: json, jsonc, none, table, tsv, yaml, yamlc
Default value: json
--query

JMESPath query string. See http://jmespath.org/ for more information and examples.

--subscription

Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.

--verbose

Increase logging verbosity. Use --debug for full debug logs.

az network application-gateway ssl-cert delete

Delete an SSL certificate.

az network application-gateway ssl-cert delete --gateway-name
                                               --name
                                               --resource-group
                                               [--no-wait {0, 1, f, false, n, no, t, true, y, yes}]

Examples

Delete an SSL certificate.

az network application-gateway ssl-cert delete -g MyResourceGroup --gateway-name MyAppGateway -n MySslCert

Required Parameters

--gateway-name

Name of the application gateway.

--name -n

Name of the SSL certificate.

--resource-group -g

Name of resource group. You can configure the default group using az configure --defaults group=<name>.

Optional Parameters

--no-wait

Do not wait for the long-running operation to finish.

Accepted values: 0, 1, f, false, n, no, t, true, y, yes
Global Parameters
--debug

Increase logging verbosity to show all debug logs.

--help -h

Show this help message and exit.

--only-show-errors

Only show errors, suppressing warnings.

--output -o

Output format.

Accepted values: json, jsonc, none, table, tsv, yaml, yamlc
Default value: json
--query

JMESPath query string. See http://jmespath.org/ for more information and examples.

--subscription

Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.

--verbose

Increase logging verbosity. Use --debug for full debug logs.

az network application-gateway ssl-cert list

List SSL certificates.

az network application-gateway ssl-cert list --gateway-name
                                             --resource-group

Examples

List SSL certificates.

az network application-gateway ssl-cert list -g MyResourceGroup --gateway-name MyAppGateway

Required Parameters

--gateway-name

Name of the application gateway.

--resource-group -g

Name of resource group. You can configure the default group using az configure --defaults group=<name>.

Global Parameters
--debug

Increase logging verbosity to show all debug logs.

--help -h

Show this help message and exit.

--only-show-errors

Only show errors, suppressing warnings.

--output -o

Output format.

Accepted values: json, jsonc, none, table, tsv, yaml, yamlc
Default value: json
--query

JMESPath query string. See http://jmespath.org/ for more information and examples.

--subscription

Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.

--verbose

Increase logging verbosity. Use --debug for full debug logs.

az network application-gateway ssl-cert show

Get the details of an SSL certificate.

az network application-gateway ssl-cert show --gateway-name
                                             --name
                                             --resource-group

Examples

Get the details of an SSL certificate.

az network application-gateway ssl-cert show -g MyResourceGroup --gateway-name MyAppGateway -n MySslCert

Required Parameters

--gateway-name

Name of the application gateway.

--name -n

Name of the SSL certificate.

--resource-group -g

Name of resource group. You can configure the default group using az configure --defaults group=<name>.

Global Parameters
--debug

Increase logging verbosity to show all debug logs.

--help -h

Show this help message and exit.

--only-show-errors

Only show errors, suppressing warnings.

--output -o

Output format.

Accepted values: json, jsonc, none, table, tsv, yaml, yamlc
Default value: json
--query

JMESPath query string. See http://jmespath.org/ for more information and examples.

--subscription

Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.

--verbose

Increase logging verbosity. Use --debug for full debug logs.

az network application-gateway ssl-cert update

Update an SSL certificate.

az network application-gateway ssl-cert update --gateway-name
                                               --name
                                               --resource-group
                                               [--add]
                                               [--cert-file]
                                               [--cert-password]
                                               [--force-string {0, 1, f, false, n, no, t, true, y, yes}]
                                               [--key-vault-secret-id]
                                               [--no-wait {0, 1, f, false, n, no, t, true, y, yes}]
                                               [--remove]
                                               [--set]

Examples

Change a gateway SSL certificate and password.

az network application-gateway ssl-cert update -g MyResourceGroup --gateway-name MyAppGateway -n MySslCert --cert-file FilePath --cert-password Abc123Abc123

Required Parameters

--gateway-name

Name of the application gateway.

--name -n

Name of the SSL certificate.

--resource-group -g

Name of resource group. You can configure the default group using az configure --defaults group=<name>.

Optional Parameters

--add

Add an object to a list of objects by specifying a path and key value pairs. Example: --add property.listProperty <key=value, string or JSON string>.

--cert-file

Path to the pfx certificate file.

--cert-password

Certificate password.

--force-string

When using 'set' or 'add', preserve string literals instead of attempting to convert to JSON.

Accepted values: 0, 1, f, false, n, no, t, true, y, yes
--key-vault-secret-id

Secret ID of (base-64 encoded unencrypted pfx) Secret or Certificate object stored in Azure KeyVault.

--no-wait

Do not wait for the long-running operation to finish.

Accepted values: 0, 1, f, false, n, no, t, true, y, yes
--remove

Remove a property or an element from a list. Example: --remove property.list <indexToRemove> OR --remove propertyToRemove.

--set

Update an object by specifying a property path and value to set. Example: --set property1.property2=<value>.

Global Parameters
--debug

Increase logging verbosity to show all debug logs.

--help -h

Show this help message and exit.

--only-show-errors

Only show errors, suppressing warnings.

--output -o

Output format.

Accepted values: json, jsonc, none, table, tsv, yaml, yamlc
Default value: json
--query

JMESPath query string. See http://jmespath.org/ for more information and examples.

--subscription

Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.

--verbose

Increase logging verbosity. Use --debug for full debug logs.

az network application-gateway ssl-cert wait

Place the CLI in a waiting state until a condition is met.

az network application-gateway ssl-cert wait [--created]
                                             [--custom]
                                             [--deleted]
                                             [--exists]
                                             [--gateway-name]
                                             [--ids]
                                             [--interval]
                                             [--resource-group]
                                             [--subscription]
                                             [--timeout]
                                             [--updated]

Optional Parameters

--created

Wait until created with 'provisioningState' at 'Succeeded'.

Default value: False
--custom

Wait until the condition satisfies a custom JMESPath query. E.g. provisioningState!='InProgress', instanceView.statuses[?code=='PowerState/running'].

--deleted

Wait until deleted.

Default value: False
--exists

Wait until the resource exists.

Default value: False
--gateway-name

Name of the application gateway.

--ids

One or more resource IDs (space-delimited). It should be a complete resource ID containing all information of 'Resource Id' arguments. You should provide either --ids or other 'Resource Id' arguments.

--interval

Polling interval in seconds.

Default value: 30
--resource-group -g

Name of resource group. You can configure the default group using az configure --defaults group=<name>.

--subscription

Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.

--timeout

Maximum wait in seconds.

Default value: 3600
--updated

Wait until updated with provisioningState at 'Succeeded'.

Default value: False
Global Parameters
--debug

Increase logging verbosity to show all debug logs.

--help -h

Show this help message and exit.

--only-show-errors

Only show errors, suppressing warnings.

--output -o

Output format.

Accepted values: json, jsonc, none, table, tsv, yaml, yamlc
Default value: json
--query

JMESPath query string. See http://jmespath.org/ for more information and examples.

--subscription

Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.

--verbose

Increase logging verbosity. Use --debug for full debug logs.