从Azure密钥保管库到Azure应用服务检索SSL证书

时间:2020-05-07 00:07:34

标签: azure powershell ssl-certificate azure-web-app-service azure-keyvault

我在Azure keyvault中具有SSL证书。我需要通过powershell将此证书安装到Azure应用服务。

1 个答案:

答案 0 :(得分:0)

关于此问题,我们可以从Azure密钥库以pfx文件的形式下载SSL证书,然后使用pfx文件为Azure Web应用程序配置SSL

详细步骤如下。

  1. Download SSL certificate from Azure key vault。请注意,在运行以下命令之前,请为密钥库中的帐户配置访问策略
Connect-AzAccount
$cert=Get-AzKeyVaultSecret -VaultName "your key vault name" -Name ""
$password="Password0123!"
$certBytes = [System.Convert]::FromBase64String($cert.SecretValueText)
$certCollection = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2Collection
$certCollection.Import($certBytes,$null,[System.Security.Cryptography.X509Certificates.X509KeyStorageFlags]::Exportable)
$protectedCertificateBytes = $certCollection.Export([System.Security.Cryptography.X509Certificates.X509ContentType]::Pkcs12, $password)
$pfxPath = "E:\mycert.pfx"
[System.IO.File]::WriteAllBytes($pfxPath, $protectedCertificateBytes)
  1. 配置SSl 
New-AzWebAppSSLBinding -WebAppName $webappname -ResourceGroupName $webappname -Name $fqdn `
-CertificateFilePath $pfxPath -CertificatePassword $pfxPassword -SslState SniEnabled
相关问题
最新问题