如何将私钥证书(.pfx)、公钥证书(.cer)上载到Azure WebApp
如何使用Azure Powershell将私有、公共证书上载到Azure AppService。我知道新的AzureRmWebAppSSLBinding,但我不做任何SSL绑定 我们有使用SSL绑定的Azure应用程序服务。为此,我使用了新的AzureRmWebAppSSLBinding来上传证书。我确实在我的web应用程序上上传了每个主机的证书。这个很好用。 但我想上传额外的私人和公共证书到这个应用程序服务上进行API验证。我没有找到任何azure powershell命令来上载私有或公共证书 Azure portal允许上载私人证书及其密码或公共证书。但是,我想使用powershell执行同样的操作。门户UI还可以选择从密钥库导入证书。我当然可以将证书上载到密钥库,但没有powershell命令将其导入Azure应用程序服务如何将私钥证书(.pfx)、公钥证书(.cer)上载到Azure WebApp,azure,powershell,ssl,certificate,azure-web-app-service,Azure,Powershell,Ssl,Certificate,Azure Web App Service,如何使用Azure Powershell将私有、公共证书上载到Azure AppService。我知道新的AzureRmWebAppSSLBinding,但我不做任何SSL绑定 我们有使用SSL绑定的Azure应用程序服务。为此,我使用了新的AzureRmWebAppSSLBinding来上传证书。我确实在我的web应用程序上上传了每个主机的证书。这个很好用。 但我想上传额外的私人和公共证书到这个应用程序服务上进行API验证。我没有找到任何azure powershell命令来上载私有或公共证书
$webApps = @{
"Dev_AppServicesGroup" = "DevUserService"
}
$certName = "chain-cert.cer"
$Path = "C:\Certs"
$fullpath = $path + '\' + $certname
$pwd = ConvertTo-SecureString -String 'anyPwd' -AsPlainText -Force
$cert = New-AzureRmApplicationGatewaySslCertificate -Name 'someCert' -CertificateFile $fullpath -Password $pwd
$apiVersion = '2018-02-01'
if($cert)
{
$PropertiesObject = @{
blob=$cert.Data;
publicCertificateLocation= "CurrentUserMy"
}
foreach($resourceGroup in $webApps.Keys)
{
$webAppName = $webApps.Item($resourceGroup)
$resource = Get-AzureRmWebApp -ResourceGroupName $resourceGroup -Name $webAppName
$resourceName = $resource.Name + "/"+$certName
New-AzureRmResource -Location $resource.Location -PropertyObject $PropertiesObject -ResourceGroupName $resource.ResourceGroup -ResourceType Microsoft.Web/sites/publicCertificates -ResourceName $resourceName -ApiVersion $apiVersion -Force
#Apply the cert to the deployment slots if any
$slots = Get-AzureRmResource -ResourceGroupName $resource.ResourceGroup -ResourceType Microsoft.Web/sites/slots -ResourceName $webAppName -ApiVersion $apiVersion
foreach($slot in $slots)
{
$resourceName = $slot.Name + "/"+$certName
New-AzureRmResource -Location $slot.Location -PropertyObject $PropertiesObject -ResourceGroupName $slot.ResourceGroupName -ResourceType Microsoft.Web/sites/slots/publicCertificates -ResourceName $resourceName -ApiVersion $apiVersion -Force
}
}
}
$webappName=""
$groupName=""
# set custom doamin
$fqdn="<your custom domain name>"
Set-AzureRmWebApp -Name $webappName -ResourceGroupName $groupName -HostNames($fqdn, "$webappName.azurewebsites.net")
#bind ssl
$pfxPath="<Replace with path to your .PFX file>"
$pfxPassword="<Replace with your .PFX password>"
#Upload and bind the SSL certificate to the web app
New-AzureRmWebAppSSLBinding -WebAppName $webappName -ResourceGroupName $groupName -Name $fqdn -CertificateFilePath $pfxPath -CertificatePassword $pfxPassword -SslState SniEnabled
#bind an existing Azure certificate
New-AzureRmWebAppSSLBinding -WebAppName $webappName -ResourceGroupName $groupName -Name $fqdn -Thumbprint "the thumbprint of the cert"
$webappName=“”
$groupName=“”
#设置自定义doamin
$fqdn=“”
设置AzureRmWebApp-Name$webappName-ResourceGroupName$groupName-HostName($fqdn,“$webappName.azurewebsites.net”)
#绑定ssl
$pfxPath=“”
$pfxPassword=“”
#上载SSL证书并将其绑定到web应用
新AzureRmWebAppSSLBinding-WebAppName$WebAppName-ResourceGroupName$groupName-Name$fqdn-CertificateFilePath$pfxPath-CertificatePassword$pfxPassword-SslState已启用
#绑定现有Azure证书
新AzureRmWebAppSSLBinding-WebAppName$WebAppName-ResourceGroupName$groupName-Name$fqdn-Thumbprint“证书的指纹”
$webApps = @{
"Dev_AppServicesGroup" = "DevUserService"
}
$certName = "chain-cert.cer"
$Path = "C:\Certs"
$fullpath = $path + '\' + $certname
$pwd = ConvertTo-SecureString -String 'anyPwd' -AsPlainText -Force
$cert = New-AzureRmApplicationGatewaySslCertificate -Name 'someCert' -CertificateFile $fullpath -Password $pwd
$apiVersion = '2018-02-01'
if($cert)
{
$PropertiesObject = @{
blob=$cert.Data;
publicCertificateLocation= "CurrentUserMy"
}
foreach($resourceGroup in $webApps.Keys)
{
$webAppName = $webApps.Item($resourceGroup)
$resource = Get-AzureRmWebApp -ResourceGroupName $resourceGroup -Name $webAppName
$resourceName = $resource.Name + "/"+$certName
New-AzureRmResource -Location $resource.Location -PropertyObject $PropertiesObject -ResourceGroupName $resource.ResourceGroup -ResourceType Microsoft.Web/sites/publicCertificates -ResourceName $resourceName -ApiVersion $apiVersion -Force
#Apply the cert to the deployment slots if any
$slots = Get-AzureRmResource -ResourceGroupName $resource.ResourceGroup -ResourceType Microsoft.Web/sites/slots -ResourceName $webAppName -ApiVersion $apiVersion
foreach($slot in $slots)
{
$resourceName = $slot.Name + "/"+$certName
New-AzureRmResource -Location $slot.Location -PropertyObject $PropertiesObject -ResourceGroupName $slot.ResourceGroupName -ResourceType Microsoft.Web/sites/slots/publicCertificates -ResourceName $resourceName -ApiVersion $apiVersion -Force
}
}
}
#Private certs needs to be uploaded to each resource group with app services
$resourceGroups = @("Dev_AppServicesGroup1", "Dev_AppServicesGroup2")
$certName = "event-store-user.p12"
$certPwd = "Your certificate password" #This is the private cert password
$Path = "C:\Certs"
$fullpath = $path + '\' + $certname
$pwd = ConvertTo-SecureString -String 'SomePwd' -AsPlainText -Force
$cert = New-AzureRmApplicationGatewaySslCertificate -Name someCert -CertificateFile $fullpath -Password $pwd
$apiVersion = '2018-02-01'
if($cert)
{
$PropertiesObject = @{
pfxBlob=$cert.Data;
password =$certPwd; #This is the private cert password
ResourceType = "Microsoft.Web/Certificates"
}
foreach($resourceGroup in $resourceGroups)
{
$resource = Get-AzureRmResourceGroup -Name $resourceGroup
New-AzureRmResource -ResourceName $certName -Location $resource.Location -PropertyObject $PropertiesObject -ResourceGroupName $resource.ResourceGroupName -ResourceType Microsoft.Web/certificates -ApiVersion $apiVersion -Force
}
}
就这样。要上载SSL证书并将其绑定到应用程序服务,您可以使用命令“New AzWebAppSSLBinding”。正如我提到的,我已经使用该命令将SSL证书绑定到我的应用程序。我说的是上载其他私钥和公钥证书。根据我的研究,我们可以使用Azure CLI命令
az webapp config ssl uploadaz webapp config ssl uploadaz webapp config ssl bind