Application Gateway lets you use an App Service app as a backend pool member with a custom domain.
You can use an App Service Certificate or a third-party certificate to configure the custom domain. The steps below show how to download and export an App Service Certificate with its private key and upload it to Application Gateway:
Note: If you download the App Service Certificate and upload it to Application Gateway manually, you will also have to upload the renewed certificate manually in the future.
2. Import the certificate:
3. Export the Certificate
4. Once the certificate is exported and saved, you can configure an Application Gateway by following this document: Manage traffic to App Service - Azure Application Gateway | Microsoft Learn
5. The App Service Certificate you exported needs to be added to the listener you created. The steps are as follows:
Open the “Listeners” section and choose “Add listener” or click an existing one to edit:
7. The certificate can be uploaded directly to the Application Gateway, or it can be uploaded to Key Vault and accessed by the Application Gateway using the below setting while adding an HTTP listener:
8. Application Gateway supports referencing secrets from Key Vault, but only through non-portal resources like PowerShell, the Azure CLI, APIs, and Azure Resource Manager templates (ARM templates). For more information, refer to this document: TLS termination with Azure Key Vault certificates | Microsoft Learn.
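The Key Vault reference from step 8, sketched with the Azure CLI as an added example (not part of the original post). The resource names passed in are placeholders, and it assumes a user-assigned managed identity and a vault that uses access policies rather than Azure RBAC.

```shell
#!/bin/sh
# Added example: point an Application Gateway SSL certificate at a Key Vault
# secret instead of uploading a PFX by hand. All names are placeholders.

# Drop the version segment from a Key Vault secret ID. A versionless ID lets
# the gateway pick up the latest certificate version after a renewal.
#   https://<vault>.vault.azure.net/secrets/<name>/<version>
#     -> https://<vault>.vault.azure.net/secrets/<name>
versionless_secret_id() {
  printf '%s\n' "$1" |
    sed -E 's#^(https://[^/]+/secrets/[^/]+)(/[^/]*)?/?$#\1#'
}

# Usage: attach_keyvault_cert <resource-group> <gateway> <vault> <cert-name> <identity-resource-id>
attach_keyvault_cert() {
  rg="$1"; gw="$2"; vault="$3"; cert="$4"; identity_id="$5"

  # 1. Give the gateway the managed identity it will use to read the secret.
  az network application-gateway identity assign \
    --resource-group "$rg" --gateway-name "$gw" --identity "$identity_id"

  # 2. Least privilege: the identity only needs "get" on secrets.
  #    (Assumption: access-policy vault; an RBAC vault needs a role assignment instead.)
  principal_id=$(az identity show --ids "$identity_id" --query principalId -o tsv)
  az keyvault set-policy --name "$vault" \
    --object-id "$principal_id" --secret-permissions get

  # 3. Look up the secret ID that backs the certificate and strip its version.
  secret_id=$(az keyvault certificate show \
    --vault-name "$vault" --name "$cert" --query sid -o tsv)

  # 4. Create the gateway certificate as a reference to the Key Vault secret.
  az network application-gateway ssl-cert create \
    --resource-group "$rg" --gateway-name "$gw" --name "$cert" \
    --key-vault-secret-id "$(versionless_secret_id "$secret_id")"
}

# Run only when all five arguments are supplied on the command line.
if [ "$#" -eq 5 ]; then
  set -eu
  attach_keyvault_cert "$@"
fi
```

The listener from step 5 can then select the certificate by the name given in `--name`.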
More Information:
If you have any other questions, feel free to comment below!