Azure : Renewing the SSL Certificate of the Azure Application Gateway

Introduction

Today’s post is about changing the SSL certificate of an Application Gateway. Why a post about this? Isn’t it a mere upload button… You would think so. When creating the listener, it’s a nice & easy UI. Though I guess someone forgot the renew flow. 😉 This is the screen when you take a look at the HTTP listener. We see the certificate, but no way to edit this part…

So we’ll have to do this manually, via PowerShell!

Updating the Certificate

First, get your application gateway;

And find your certificate;

Next up: delete it…

Add the certificate;

And save the configuration.

And that was it! (Bear in mind, the last step takes a while.)

The Code


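# Fetch the gateway; -ResourceGroupName is required (both names are placeholders)
$agw = Get-AzureRmApplicationGateway -Name myname -ResourceGroupName myresourcegroup

# Remove the old certificate from the local copy of the configuration
Remove-AzureRmApplicationGatewaySslCertificate -Name my.domain.tld -ApplicationGateway $agw

# Add the new certificate under the same name, so the listener's reference still resolves
Add-AzureRmApplicationGatewaySslCertificate -Name "my.domain.tld" -CertificateFile .\path\to\my.domain.tld.pfx -Password "MyNotSoSecretPassword" -ApplicationGateway $agw

# Push the changed configuration to Azure (this is the step that takes a while)
Set-AzureRmApplicationGateway -ApplicationGateway $agw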
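
A more defensive variant of the renewal, as an added example that is not the author's script: it prompts for the PFX password instead of putting it on the command line, checks the PFX locally before upload, and overwrites the certificate under the name the listener already references. The resource names and path are placeholders, and it assumes an AzureRM release in which -Password accepts a SecureString (older releases, as used in the post, take a plain string).

```powershell
# Added example. Placeholders: resource group, gateway name, certificate name, PFX path.
$rgName   = 'myresourcegroup'
$gwName   = 'myname'
$certName = 'my.domain.tld'   # must be the name the HTTPS listener already references
$pfxPath  = (Resolve-Path '.\path\to\my.domain.tld.pfx').Path

# Prompt for the PFX password so it never ends up in the script or in shell history.
$pfxPassword = Read-Host -Prompt 'PFX password' -AsSecureString

# Validate the PFX locally before touching the gateway.
$pfx = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2 `
    -ArgumentList $pfxPath, $pfxPassword
$now = Get-Date
if (-not $pfx.HasPrivateKey) { throw 'PFX contains no private key.' }
if ($pfx.NotAfter  -le $now) { throw "Certificate expired on $($pfx.NotAfter)." }
if ($pfx.NotBefore -gt $now) { throw "Certificate is not valid until $($pfx.NotBefore)." }
'Uploading {0}, thumbprint {1}, valid until {2:u}' -f $pfx.Subject, $pfx.Thumbprint, $pfx.NotAfter

$agw = Get-AzureRmApplicationGateway -Name $gwName -ResourceGroupName $rgName

# Stop early if the certificate name is wrong, and show which listeners depend on it.
$existing = $agw.SslCertificates | Where-Object { $_.Name -eq $certName }
if (-not $existing) {
    throw "No SSL certificate named '$certName' on gateway '$gwName'."
}
$agw.HttpListeners |
    Where-Object { $_.SslCertificate -and $_.SslCertificate.Id -eq $existing.Id } |
    ForEach-Object { "Listener '$($_.Name)' references '$certName'" }

# Replace the certificate data in place; the name (and so the resource ID) is unchanged.
$agw = Set-AzureRmApplicationGatewaySslCertificate -ApplicationGateway $agw `
    -Name $certName -CertificateFile $pfxPath -Password $pfxPassword

# Push the configuration to Azure (the slow step).
Set-AzureRmApplicationGateway -ApplicationGateway $agw | Out-Null
```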


5 thoughts on “Azure : Renewing the SSL Certificate of the Azure Application Gateway”

  1. Nice post! :). Always a hassle changing out certificates, think of ADFS and WAP :).

  2. Great post;
    I encounter an issue while running the last command: Set-AzureRmApplicationGateway -ApplicationGateway $agw
    I get:
    Set-AzureRmApplicationGateway : Resource subscriptions/…/OldCert referenced by resource /subscriptions/…/CurrentListener was not found. Please make sure that the referenced resource exists, and that both resources are in the
    same region.

    Any ideas why?

  3. What’s the output of ; $agw (or when you “Get-AzureRmApplicationGateway -Name myname”)?

  4. I’ve had no luck with this script. I’m sure it’s something I’m doing wrong. Also, you need to pass in -ResourceGroupName or it breaks.

  5. Scratch that. The script IS working, but as mentioned earlier, you still need to pass in resource group name:

    $agw = Get-AzureRmApplicationGateway -Name -ResourceGroupName
