locked
Upload Cert to Azure:X509Store.Open(ReadWrite) - Access Denied RRS feed

  • Question

  • Hello All,

    I'm trying to figure out how to add customer X509Certificate2 certificates to my AppService Web API.  These certs are used as authentication certificates to other Azure resources such as KeyVault.

    The issue I'm having is that there does not seem to be a simple way to load certificates through the new AzureRM UI.  This used to be a feature in the Azure Legacy UI, but the management of Web Sites has changed.

    Is there a way to upload certificates via PowerShell or is there something special I must do to update the StoreName.My certificate store for StoreLocation.CurrentUser or StoreLocation.Machine.   Below is the code that is not working anymore.

    X509Certificate2 myCert; // initialized elsewhere
    using (var store = new X509Store(StoreName.My, StoreLocation.CurrentUser) {
       store.Open(OpenFlags.ReadWrite); // <== Throws Access Denied exception
       store.Add(myCert);
    }


    - Rashad Rivera www.omegusprime.com


    • Edited by Md Shihab Tuesday, June 20, 2017 5:10 AM edited title for SEO
    Monday, June 19, 2017 5:38 PM

All replies

  • Hello,

    Did you follow all the steps as described in the following blog post? I would recommend you try out the sample .net code provided at the end of the blog post.

    https://azure.microsoft.com/en-us/blog/using-certificates-in-azure-websites-applications/

    To upload a certificate using new Azure portal, you can look at 'Upload your SSL certificate' section in the following article.

    https://docs.microsoft.com/en-us/azure/app-service-web/app-service-web-tutorial-custom-ssl


    ashish kurmi

    Tuesday, June 20, 2017 8:08 PM