| title | description | services | author | ms.service | ms.topic | ms.date | ms.author |
|---|---|---|---|---|---|---|---|
Renew an Azure Application Gateway certificate |
Learn how to renew a certificate associated with an application gateway listener. |
application-gateway |
vhorne |
application-gateway |
how-to |
8/15/2018 |
victorh |
At some point, you'll need to renew your certificates if you configured your application gateway for TLS/SSL encryption.
You can renew a certificate associated with a listener using either the Azure portal, Azure PowerShell, or Azure CLI:
To renew a listener certificate from the portal, navigate to your application gateway listeners. Click the listener that has a certificate that needs to be renewed, and then click Renew or edit selected certificate.
Upload your new PFX certificate, give it a name, type the password, and then click Save.
[!INCLUDE updated-for-az]
To renew your certificate using Azure PowerShell, use the following script:
$appgw = Get-AzApplicationGateway `
-ResourceGroupName <ResourceGroup> `
-Name <AppGatewayName>
$password = ConvertTo-SecureString `
-String "<password>" `
-Force `
-AsPlainText
set-AzApplicationGatewaySSLCertificate -Name <oldcertname> `
-ApplicationGateway $appgw -CertificateFile <newcertPath> -Password $password
Set-AzApplicationGateway -ApplicationGateway $appgw
az network application-gateway ssl-cert update \
-n "<CertName>" \
--gateway-name "<AppGatewayName>" \
-g "ResourceGroupName>" \
--cert-file <PathToCerFile> \
--cert-password "<password>"
To learn how to configure TLS Offloading with Azure Application Gateway, see Configure TLS Offload