If you want to know how to use it in C#/Java, there are some sample code in this document: https://docs.microsoft.com/en-us/azure/app-service/configure-ssl-certificate-in-code. Basically, to refer certificates uploaded in Azure App Service Linux using Python does not make much difference from in a local machine. It can be divided into three steps:
Steps:
1. Upload or import the certificates in Azure Portal to make it accessible to the app service:
2. Load certificate by setting WEBSITE_LOAD_CERTIFICATES to * or a specific thumbprint which belong to the certificate you want to use.
Then the certificate(s) will be injected into the python container in the path "/var/ssl/":
Container platform | Public certificates | Private certificates |
---|---|---|
Windows container | C:\appservice\certificates\public |
C:\appservice\certificates\private |
Linux container | /var/ssl/certs |
/var/ssl/private |
3. Refer to the certificate using Python Code.
Firstly, we can check if they exist by going to their directories in SSH:
Then leverage below sample code to use the certificate, replacing the thumbprint with yours:
Sample Code:
Sample1(using pyOpenSSL):
# load OpenSSL.crypto
from OpenSSL import crypto
# open it, using password. Supply/read your own from stdin.
p12 = crypto.load_pkcs12(open("/var/ssl/private/6E619CF099EC156414E939B53358C98841234567.p12", "rb").read(), b"")
# get various properties of said file.
# note these are PyOpenSSL objects, not strings although you
# can convert them to PEM-encoded strings.
p12.get_certificate() # (signed) certificate object
p12.get_privatekey() # private key.
p12.get_ca_certificates() # ca chain.
Output1:
Sample2(using cryptography):
from cryptography.hazmat.primitives.serialization import pkcs12
with open("/var/ssl/private/6E619CF099EC156414E939B53358C98841234567.p12", "rb") as f:
private_key, certificate, additional_certificates = pkcs12.load_key_and_certificates(f.read(), b"")
print(certificate.not_valid_after)
Output2:
Note that those certificates are stored in format "p12" and their password is empty.
All done. Thanks for reading! I hope you have fun in it!
Updated May 21, 2022
Version 1.0KevinLi
Former Employee
Joined June 09, 2021
Apps on Azure Blog
Follow this blog board to get notified when there's new activity