Add digicert certificate for django/python web app on Azure


A wildcard cert has been purchased through DigiCert for a domain, and I'm currently trying to add this cert to a django/django-rest API hosted on Azure, which will reside on a subdomain under that purchased custom domain.

I have configured the web app to recognize the custom subdomain and at this point need to add the pfx file. I have received the pfx file from another who created it through DigiCert's Windows utility. NGINX was used as the server type, not sure if this is part of the issue or not. When creating a python/django web app on Azure it seems to make a Linux container which runs gunicorn...

When uploading the pfx file and supplying the password given, Azure Portal returns with an error either saying the file or password is incorrect. Tried multiple times with multiple recreations of the pfx file. Even tried taking a given crt file and using openssl locally to generate a pfx file with password and no luck.

Thoughts & guidance? Do I need to use a Key Vault instead and link to Digicert?

1

There are 1 answers

0
SauravDas-MT On

If you check the Private certificate requirements, then you will find that to upload or import a private certificate to App Service, your certificate must meet the following requirements:

• Exported as a password-protected PFX file
• Contains private key at least 2048 bits long
• Contains all intermediate certificates in the certificate chain

The error you are getting can also be due to insufficient rights. You should have admin rights on the subscription to upload the pfx cert. After granting the correct rights the problem can be resolved.

You can also use Key Vault to import the certificate. After authorizing App Service to read from the vault, you can import a certificate from your vault to your app. Check Import a certificate from Key Vault for more information.

Check this similar problem raised in the Microsoft Q&A. If you are still facing the problem after all these, I would suggest raising a support ticket with Azure.
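A local pre-flight check for the three requirements listed in the answer, using the openssl CLI the question mentions. This is an added example, not part of the original answer; `check_pfx` and `PFX_PW` are names made up here, and the chain check only counts certificates, so treat it as a heuristic.

```bash
# Added example: check a PFX against the listed App Service requirements.
# Usage: check_pfx FILE PASSWORD  -> returns 0 (all ok), 1 (requirement failed),
#        2 (file could not be opened with that password).
check_pfx() {
    local pfx=$1 pw=$2 rc=0 bits ncerts

    # The password is handed to openssl through the environment (env:PFX_PW)
    # so it does not appear in openssl's argument list.
    if ! PFX_PW="$pw" openssl pkcs12 -in "$pfx" -passin env:PFX_PW -noout 2>/dev/null; then
        echo "FAIL: cannot open PFX (wrong password, or a file this openssl cannot read)"
        return 2
    fi

    # Requirement 1: exported as a password-protected PFX.
    if [ -z "$pw" ]; then
        echo "FAIL: PFX opens with an empty password"; rc=1
    fi

    # Requirement 2: private key present and at least 2048 bits,
    # using the size that 'openssl pkey -text' reports.
    bits=$(PFX_PW="$pw" openssl pkcs12 -in "$pfx" -passin env:PFX_PW -nocerts -nodes 2>/dev/null |
           openssl pkey -noout -text 2>/dev/null |
           sed -n 's/.*Private-Key: (\([0-9][0-9]*\) bit.*/\1/p' | head -n 1) || true
    if [ -z "$bits" ]; then
        echo "FAIL: no private key found in PFX"; rc=1
    elif [ "$bits" -lt 2048 ]; then
        echo "FAIL: private key is $bits bits (need at least 2048)"; rc=1
    else
        echo "ok: private key is $bits bits"
    fi

    # Requirement 3: intermediates included. A single certificate means the
    # file holds only the leaf (heuristic: counts certs, does not build the chain).
    ncerts=$(PFX_PW="$pw" openssl pkcs12 -in "$pfx" -passin env:PFX_PW -nokeys 2>/dev/null |
             grep -c 'BEGIN CERTIFICATE') || true
    if [ "${ncerts:-0}" -lt 2 ]; then
        echo "FAIL: ${ncerts:-0} certificate(s) in PFX, chain certificates are missing"; rc=1
    else
        echo "ok: $ncerts certificates in PFX (leaf plus chain)"
    fi
    return $rc
}
```

A result of 2 means the file could not be opened locally with that password, so the fault lies with the file or the password rather than with the upload.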