https://pulumi.com logo
Powered by
Title
f

few-lizard-48557

09/13/2022, 7:56 AM
Azure Application Gateway (V1) - How to load SSL certificate from PFX file into resource Hi, I have created an Azure Application Gateway using Pulumi/TypeScript in 'WAF' tier (basic tier, no support for KeyVault certificates). Unfortunately, I am not able to upload the SSL certificate for the HTTPS connection when creating the Application Gateway. I have included the relevant TypeScript code below and this is specifically about the '*sslCertificates*' section. 
import * as pulumi from "@pulumi/pulumi"; 
import * as azure from "@pulumi/azure-native";
import * as rg from "./resource-group";

//////////////////////////////////////////////////////////////////////////////
// Azure Config variables
//////////////////////////////////////////////////////////////////////////////
const config = new pulumi.Config();
const appGatewayName = config.require("appGatewayName");
const sslCertPassword = config.requireSecret("sslCertPassword");

//////////////////////////////////////////////////////////////////////////////
// Create Azure Application Gateway
//////////////////////////////////////////////////////////////////////////////
const applicationGateway = new azure.network.ApplicationGateway(appGatewayName, {
    applicationGatewayName: appGatewayName,
    authenticationCertificates: [],
    location: "westeurope",
    resourceGroupName: rg.rgName,

    //....

    sslCertificates: [{
        data: "*****",
        name: "my-domain",
        password: sslCertPassword,
    }],

    //....
    //....
});
Here I need values for the properties: 'data' => Base-64 encoded pfx certificate 'name' => Name of the SSL certificate (domain name) 'password' => Password for the pfx file specified in data I have the following values available: - pfx file - domain name - password for pfx file If I assign the certificate (pfx file) the values via Azure Portal, then the HTTPS connection works correctly. But unfortunately I cannot assign the certificate/pfx file via code. How do I get from the pfx file to the data or the format I need for the 'data' property - Any help or example is appreciated!
Hello, I just wanted to let you know that after a few attempts I have now found the solution myself. So first read the pxf-file via fs.readFileSync and then convert it to Base64. The Base64 string can then be assigned to the 'data' propery under 'sslCertificates'. With this you can create the application gateway including the SSL certificate. Attached again the code from before which contains the necessary adjustment... 
import * as pulumi from "@pulumi/pulumi"; 
import * as azure from "@pulumi/azure-native";
import * as fs from 'fs';
import * as rg from "./resource-group";

//////////////////////////////////////////////////////////////////////////////
// Azure Config variables
//////////////////////////////////////////////////////////////////////////////
const config = new pulumi.Config();
const appGatewayName = config.require("appGatewayName");
const sslCertPassword = config.requireSecret("sslCertPassword");

const sslGetCertData = (() => {
    var bitmap = fs.readFileSync('my-domain.pfx');
    return bitmap.toString('base64');
  })()


//////////////////////////////////////////////////////////////////////////////
// Create Azure AppSettings (for AppServices)
//////////////////////////////////////////////////////////////////////////////
const applicationGateway = new azure.network.ApplicationGateway(appGatewayName, {
    applicationGatewayName: appGatewayName,
    authenticationCertificates: [],
    location: "westeurope",
    resourceGroupName: rg.rgName,
    //....

    sslCertificates: [{
        data: sslGetCertData,
        name: "my-domain",
        password: sslCertPassword,
    }],

    //....
    //....
});
9 Views
#generalJoin Slack
Powered by