All geek questions in one place

Error loading SSL certificate in Windows Azure

I have an Azure Web Site that has been working successfully over the past year over SSL. The certificate is expiring, so I purchased an update. The following steps followed:

  • use IIS to create CSR

  • download the PKCS7 package (which includes intermediate certificates) from GeoTrust

  • complete the certificate request in IIS

  • use the certmgr MMC snap-in to export the PFX file using the private key and including all intermediate certificates and advanced properties

  • upload to azure

I get a message from Azure in step 5 - "Failed to load certificate for XYZ website." And the extended error information is "At least one certificate is invalid (certificate verification failed because it could not be downloaded.)"

+6
source share
2 answers

Update: Azure Support informed me in 2014/07/07 that the problem described below has been fixed.

I contacted Azure support and they confirmed that this is a known service issue. According to the technology I spoke with, the fix should be deployed next week.

In the meantime, I was provided with the following workaround:

When exporting a certificate, clear the check boxes:

  • Include all certificates in the certificate path, if possible
  • Export all advanced properties
+5
source

Having received the error as described (with the COMODO substitution certificate), I tried NOT to include intermediate certificates when exporting the .pfx certificate file and - low and behold - Azure accepts the certificate download.

This is against Azure docs, but initial testing of the https URLs in Firefox, IE, and Chrome does not cause any problems.

+5
source

Source: https://habr.com/ru/post/971719/

More articles:


All Articles