Renew Application Gateway certificates

8/15/2018
2 minutes to read
Contributors

At some point, you'll need to renew your certificates if you configured your application gateway for SSL encryption.

You can renew a certificate associated with a listener using either the Azure portal, Azure PowerShell, or Azure CLI:

Azure portal

To renew a listener certificate from the portal, navigate to your application gateway listeners. Click the listener that has a certificate that needs to be renewed, and then click Renew or edit selected certificate.

Renew certificate

Upload your new PFX certificate, give it a name, type the password, and then click Save.

Azure PowerShell

Note

This article has been updated to use the new Azure PowerShell Az module. To learn more about the new Az module and AzureRM compatibility, see Introducing the new Azure PowerShell Az module. For installation instructions, see Install Azure PowerShell.

To renew your certificate using Azure PowerShell, use the following script:

$appgw = Get-AzApplicationGateway `
  -ResourceGroupName <ResourceGroup> `
  -Name <AppGatewayName>

$password = ConvertTo-SecureString `
  -String "<password>" `
  -Force `
  -AsPlainText

set-AzApplicationGatewaySSLCertificate -Name <oldcertname> `
-ApplicationGateway $appgw -CertificateFile <newcertPath> -Password $password

Set-AzApplicationGateway -ApplicationGateway $appgw

Azure CLI

az network application-gateway ssl-cert update \
  -n "<CertName>" \
  --gateway-name "<AppGatewayName>" \
  -g "ResourceGroupName>" \
  --cert-file <PathToCerFile> \
  --cert-password "<password>"

Next steps

To learn how to configure SSL Offloading with Azure Application Gateway, see Configure SSL Offload

Renew Application Gateway certificates

Azure portal

Azure PowerShell

Azure CLI

Next steps

Feedback

Liquid error: Can't find the localized string giveDocumentationFeedback for template Conceptual.