az network application-gateway ssl-cert
Manage SSL certificates of an application gateway.
For more information visit https://docs.microsoft.com/azure/application-gateway/application-gateway-ssl-cli.
Commands
| az network application-gateway ssl-cert create |
Upload an SSL certificate. |
| az network application-gateway ssl-cert delete |
Delete an SSL certificate. |
| az network application-gateway ssl-cert list |
List SSL certificates. |
| az network application-gateway ssl-cert show |
Get the details of an SSL certificate. |
| az network application-gateway ssl-cert update |
Update an SSL certificate. |
az network application-gateway ssl-cert create
Upload an SSL certificate.
az network application-gateway ssl-cert create --gateway-name
--name
--resource-group
[--cert-file]
[--cert-password]
[--key-vault-secret-id]
[--no-wait]Examples
Upload an SSL certificate via --cert-file and --cert-password.
az network application-gateway ssl-cert create -g MyResourceGroup --gateway-name MyAppGateway \
-n MySSLCert --cert-file \path\to\cert\file --cert-password Abc123Upload an SSL certificate via --key-vault-secret-id of a KeyVault Secret
openssl req -x509 -nodes -days 365 -newkey rsa:2048 \
-out azure-cli-app-tls.crt \
-keyout azure-cli-app-tls.key \
-subj "/CN=azure-cli-app"
openssl pkcs12 -export \
-in azure-cli-tls.crt \
-inkey sample-app-tls.key \
-passout pass: -out azure-cli-cert.pfx
SecretValue=$(cat azure-cli-cert.pfx | base64)
az keyvault secret set --vault-name MyKeyVault --name MySecret --value ${SecretValue}
az network application-gateway ssl-cert create \
--resource-group MyResourceGroup \
--gateway-name MyAppGateway \
-n MySSLCert \
--key-vault-secret-id MySecretSecretIDUpload an SSL certificate via --key-vault-secret-id of a KeyVault Certificate
az keyvault certificate create \
--vault-name MyKeyVault \
--name MyCertificate \
--policy "$(az keyvault certificate get-default-policy)" \
az network application-gateway ssl-cert create \
--resource-group MyResourceGroup \
--gateway-name MyAppGateway \
-n MySSLCert \
--key-vault-secret-id MyCertificateSecretIDRequired Parameters
Name of the application gateway.
The name of the SSL certificate.
Name of resource group. You can configure the default group using az configure --defaults group=<name>.
Optional Parameters
The path to the PFX certificate file.
Certificate password.
Secret Id of (base-64 encoded unencrypted pfx) 'Secret' or 'Certificate' object stored in Azure KeyVault.
Do not wait for the long-running operation to finish.
Increase logging verbosity to show all debug logs.
Show this help message and exit.
Only show errors, suppressing warnings.
Output format.
JMESPath query string. See http://jmespath.org/ for more information and examples.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.
Increase logging verbosity. Use --debug for full debug logs.
az network application-gateway ssl-cert delete
Delete an SSL certificate.
az network application-gateway ssl-cert delete [--gateway-name]
[--ids]
[--name]
[--no-wait]
[--resource-group]Examples
Delete an SSL certificate.
az network application-gateway ssl-cert delete -g MyResourceGroup --gateway-name MyAppGateway -n MySslCertOptional Parameters
The name of the application gateway.
One or more resource IDs (space-delimited). It should be a complete resource ID containing all information of 'Resource Id' arguments. You should provide either --ids or other 'Resource Id' arguments.
The name of the SSL certificate.
Do not wait for the long-running operation to finish.
Name of resource group. You can configure the default group using az configure --defaults group=<name>.
Increase logging verbosity to show all debug logs.
Show this help message and exit.
Only show errors, suppressing warnings.
Output format.
JMESPath query string. See http://jmespath.org/ for more information and examples.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.
Increase logging verbosity. Use --debug for full debug logs.
az network application-gateway ssl-cert list
List SSL certificates.
az network application-gateway ssl-cert list --gateway-name
--resource-groupExamples
List SSL certificates.
az network application-gateway ssl-cert list -g MyResourceGroup --gateway-name MyAppGatewayRequired Parameters
The name of the application gateway.
Name of resource group. You can configure the default group using az configure --defaults group=<name>.
Increase logging verbosity to show all debug logs.
Show this help message and exit.
Only show errors, suppressing warnings.
Output format.
JMESPath query string. See http://jmespath.org/ for more information and examples.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.
Increase logging verbosity. Use --debug for full debug logs.
az network application-gateway ssl-cert show
Get the details of an SSL certificate.
az network application-gateway ssl-cert show [--gateway-name]
[--ids]
[--name]
[--resource-group]Examples
Get the details of an SSL certificate.
az network application-gateway ssl-cert show -g MyResourceGroup --gateway-name MyAppGateway -n MySslCertDisplay the expiry date of SSL certificate. The certificate is returned in PKCS7 format from which the expiration date needs to be retrieved.
publiccert=`az network application-gateway ssl-cert show -g MyResourceGroup --gateway-name MyAppGateway --name mywebsite.com --query publicCertData -o tsv`
echo "-----BEGIN PKCS7-----" >> public.cert; echo "${publiccert}" >> public.cert; echo "-----END PKCS7-----" >> public.cert
cat public.cert | fold -w 64 | openssl pkcs7 -print_certs | openssl x509 -noout -enddateOptional Parameters
The name of the application gateway.
One or more resource IDs (space-delimited). It should be a complete resource ID containing all information of 'Resource Id' arguments. You should provide either --ids or other 'Resource Id' arguments.
The name of the SSL certificate.
Name of resource group. You can configure the default group using az configure --defaults group=<name>.
Increase logging verbosity to show all debug logs.
Show this help message and exit.
Only show errors, suppressing warnings.
Output format.
JMESPath query string. See http://jmespath.org/ for more information and examples.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.
Increase logging verbosity. Use --debug for full debug logs.
az network application-gateway ssl-cert update
Update an SSL certificate.
az network application-gateway ssl-cert update [--add]
[--cert-file]
[--cert-password]
[--force-string]
[--gateway-name]
[--ids]
[--key-vault-secret-id]
[--name]
[--no-wait]
[--remove]
[--resource-group]
[--set]Examples
Change a gateway SSL certificate and password.
az network application-gateway ssl-cert update -g MyResourceGroup --gateway-name MyAppGateway -n MySslCert \
--cert-file \path\to\new\cert\file --cert-password Abc123Abc123Optional Parameters
Add an object to a list of objects by specifying a path and key value pairs. Example: --add property.listProperty <key=value, string or JSON string>.
The path to the PFX certificate file.
Certificate password.
When using 'set' or 'add', preserve string literals instead of attempting to convert to JSON.
Name of the application gateway.
One or more resource IDs (space-delimited). It should be a complete resource ID containing all information of 'Resource Id' arguments. You should provide either --ids or other 'Resource Id' arguments.
Secret Id of (base-64 encoded unencrypted pfx) 'Secret' or 'Certificate' object stored in Azure KeyVault.
The name of the SSL certificate.
Do not wait for the long-running operation to finish.
Remove a property or an element from a list. Example: --remove property.list OR --remove propertyToRemove.
Name of resource group. You can configure the default group using az configure --defaults group=<name>.
Update an object by specifying a property path and value to set. Example: --set property1.property2=.
Increase logging verbosity to show all debug logs.
Show this help message and exit.
Only show errors, suppressing warnings.
Output format.
JMESPath query string. See http://jmespath.org/ for more information and examples.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.
Increase logging verbosity. Use --debug for full debug logs.
الملاحظات
إرسال الملاحظات وعرضها المتعلقة بـ