3
votes

To use the Azure storage client encryption with a certificate, or other encryption/decryption using a certificate, one needs access to the private key of the certificate.

We use Azure websites/web app (NOT webroles) and want to be able to upload a certificate to the certificate store on Azure and access the private key of the certificate.

I'm able to get the certificate from the certificate store, but when I try to access the private key I get "key is not exportable".

It is possible to upload the file with the code and load the certificate from file, but it would be more convenient and safe to use the certificate store.

Is there a way to do this? I have followed this guide: https://azure.microsoft.com/nb-no/blog/using-certificates-in-azure-websites-applications/ but that only gives me access to the certificate, not the private key.

2
Did you ever solve this? - Nix
No, unfortunately not - Rune Synnevåg

2 Answers

0
votes

Make sure that the PFX file that you are uploading to the Azure web app's certificate list in the portal contains the private key in the first place. You can try to import the pfx on your local machine and export it while checking the option "export the private key". If the "export the private key" option is grayed out while doing the export, then it means the pfx is missing the private key.

Your application should be able to access the private key of the certificate if the pfx had it.
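
The check described in this answer can also be done in code. The following is an added example, not part of the answer or of any Azure sample: it tests whether a PFX file carries a private key, and whether the private key of a certificate found in the store can be used for a decrypt without exporting it. The class and method names are hypothetical, and it assumes an RSA certificate, .NET Framework 4.6 or later, and that the certificate is in the `CurrentUser\My` store.

```csharp
using System;
using System.Linq;
using System.Security.Cryptography;
using System.Security.Cryptography.X509Certificates;

// Added example; class and method names are hypothetical. Assumes an RSA certificate.
static class PrivateKeyCheck
{
    // The answer's check in code: does the PFX file itself carry a private key?
    public static bool PfxHasPrivateKey(string pfxPath, string password)
    {
        using (var cert = new X509Certificate2(pfxPath, password))
            return cert.HasPrivateKey;
    }

    // Looks the certificate up in CurrentUser\My by thumbprint (assumed store location).
    public static X509Certificate2 FindInStore(string thumbprint)
    {
        using (var store = new X509Store(StoreName.My, StoreLocation.CurrentUser))
        {
            store.Open(OpenFlags.ReadOnly);
            var hits = store.Certificates.Find(X509FindType.FindByThumbprint, thumbprint, false);
            return hits.Count > 0 ? hits[0] : null;
        }
    }

    // Encrypts a probe with the public key and decrypts it with the private key.
    // The private key is used through its handle and is never exported.
    public static bool PrivateKeyIsUsable(X509Certificate2 cert)
    {
        if (cert == null || !cert.HasPrivateKey) return false;
        try
        {
            using (RSA pub = cert.GetRSAPublicKey())
            using (RSA priv = cert.GetRSAPrivateKey())
            {
                if (pub == null || priv == null) return false; // not an RSA key
                byte[] probe = { 1, 2, 3, 4 };
                byte[] ct = pub.Encrypt(probe, RSAEncryptionPadding.OaepSHA1);
                return priv.Decrypt(ct, RSAEncryptionPadding.OaepSHA1).SequenceEqual(probe);
            }
        }
        catch (CryptographicException) { return false; } // key missing, inaccessible or signature-only
    }

    static void Main(string[] args) // args: <pfxPath> <password> <thumbprint>
    {
        Console.WriteLine("PFX has private key: " + PfxHasPrivateKey(args[0], args[1]));
        Console.WriteLine("Store key is usable: " + PrivateKeyIsUsable(FindInStore(args[2])));
    }
}
```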

0
votes

@RuneSynnevåg, I think you just need to follow the tutorial Enable HTTPS for an app in Azure App Service to do the steps described in the section "Get a certificate using Certreq.exe (Windows only)" and upload the pfx certificate file for your webapp by following step 3.