New-AzApplicationGatewaySslCertificate

Creates an SSL certificate for an Azure application gateway.

Syntax

New-AzApplicationGatewaySslCertificate
   -Name <String>
   [-CertificateFile <String>]
   [-Password <SecureString>]
   [-KeyVaultSecretId <String>]
   [-DefaultProfile <IAzureContextContainer>]
   [<CommonParameters>]

Description

The New-AzApplicationGatewaySslCertificate cmdlet creates an SSL certificate for an Azure application gateway.

Examples

Example 1: Create an SSL certificate for an Azure application gateway.

PS C:\> $password = ConvertTo-SecureString "P@ssw0rd" -AsPlainText -Force
PS C:\> $cert = New-AzApplicationGatewaySslCertificate -Name "Cert01" -CertificateFile "D:\cert01.pfx" -Password $password

This command creates a SSL certificate named Cert01 for the default application gateway and stores the result in the variable named $Cert.

Example 2: Create an SSL certificate using KeyVault Secret (version-less secretId) and add to an application gateway.

PS C:\> $secret = Get-AzKeyVaultSecret -VaultName "keyvault01" -Name "sslCert01"
PS C:\> $secretId = $secret.Id.Replace($secret.Version, "") # https://<keyvaultname>.vault.azure.net/secrets/
PS C:\> $cert = New-AzApplicationGatewaySslCertificate -Name "Cert01" -KeyVaultSecretId $secretId

Get the secret and create an SSL Certificate using New-AzApplicationGatewaySslCertificate. Note: As version-less secretId is provided here, Application Gateway will sync the certificate in regular intervals with the KeyVault.

Example 3: Create an SSL certificate using KeyVault Secret and add to an Application Gateway.

PS C:\> $secret = Get-AzKeyVaultSecret -VaultName "keyvault01" -Name "sslCert01"
PS C:\> $secretId = $secret.Id # https://<keyvaultname>.vault.azure.net/secrets/<hash>
PS C:\> $cert = New-AzApplicationGatewaySslCertificate -Name "Cert01" -KeyVaultSecretId $secretId

Get the secret and create an SSL Certificate using New-AzApplicationGatewaySslCertificate. Note: If it is required that Application Gateway syncs the certificate with the KeyVault, please provide the version-less secretId.

Parameters

-CertificateFile

Specifies the path of the .pfx file of the SSL certificate that this cmdlet creates.

Type:String
Position:Named
Default value:None
Accept pipeline input:False
Accept wildcard characters:False
-DefaultProfile

The credentials, account, tenant, and subscription used for communication with azure.

Type:Microsoft.Azure.Commands.Common.Authentication.Abstractions.Core.IAzureContextContainer
Aliases:AzContext, AzureRmContext, AzureCredential
Position:Named
Default value:None
Accept pipeline input:False
Accept wildcard characters:False
-KeyVaultSecretId

SecretId (uri) of the KeyVault Secret. Use this option when a specific version of secret needs to be used.

Type:String
Position:Named
Default value:None
Accept pipeline input:False
Accept wildcard characters:False
-Name

Specifies the name of the SSL certificate that this cmdlet creates.

Type:String
Position:Named
Default value:None
Accept pipeline input:False
Accept wildcard characters:False
-Password

Specifies the password of the SSL that this cmdlet creates.

Type:SecureString
Position:Named
Default value:None
Accept pipeline input:False
Accept wildcard characters:False

Inputs

None

Outputs

PSApplicationGatewaySslCertificate