New SSL Uploaded to Azure/Cloud Service and now, can't publish my VS project

OSSAA 26 Reputation points
2020-09-20T13:10:38.87+00:00
  • I updated our SSL certificate and loaded up on our Cloud Service Azure portal.
    • I received our files from iPage, put the main CRT, immediate CRT and Private Key into a PFX file (via OpenSSL) and uploaded that.
    • The https://reserves.guru works fine.
  • Now when I try to publish my project, which has always worked fine, I get the following message that stops the publish.
    • "Certificate with thumbprint <thumbprint key> associated with HTTPS input endpoint HttpsIn does not contain private key."
  • I know the SSL has published correctly with the Private Key.

All I changed in my CSCFG and CSDEF was the thumbprint="<new thumbprint>" in CSCFG and I added the intermediate certificates, which doesn't seem to make a difference.

Been working on this for 2 days. Any help would be appreciated.

Azure Cloud Services
Azure Cloud Services
An Azure platform as a service offer that is used to deploy web and cloud applications.
668 questions
0 comments
Accepted answer
  1. prmanhas-MSFT 17,901 Reputation points Microsoft Employee
    2020-09-22T06:18:01.627+00:00

    @OSSAA After checking internally with team who checked the logs on backend it seems that the new cert was first tried to upload into Cloud service blade using portal on 09/09 17:55 UTC and from the log, it is clear that the certificate uploaded didn't have private key associated with it - "09-09-2020 17:55:28 Certificate with thumbprint <thumbprint...151E4DB...> with no private key provided more than once in input collection."

    There has been multiple attempts to re-upload this cert as per logs but since the cert with this thumbprint existed, it didn't make much difference. It would be good to understand how the certificate was made sure had private key associated. Certificates blade under cloud services allow certificates to be uploaded without private key as well. In case it helps, may be using this OpenSSL command might help.

    Also, once the certificate with private is exported using this command, it would be good to verify the details by opening the certificate to make sure private key is present.

    26330-image.png

    Once it is confirmed, delete the existing uploaded certificate from portal and then upload the new cert.

    Hope it helps!!!

    Please 'Accept as answer' if it helped, so that it can help others in the community looking for help on similar topics

    0 comments

1 additional answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. prmanhas-MSFT 17,901 Reputation points Microsoft Employee
    2020-09-21T05:49:42.153+00:00

    @OSSAA Firstly, apologies for the delay in responding on this and any inconvenience this issue may have caused

    Make sure you have uploaded the certificate with private key on your cloud service.

    i.e. In Azure portal, select your cloud service, on dashboard - select certificates section.

    Assuming you have uploaded the certificate to the right place, best way to make sure if .pfx contains private key is import the certificate on your local machine and then export it to the .pfx with private key.

    The .pfx file is used for SSL certificate and its has private key, you can create it by Microsoft Management Console or just convert the existing .cer certificate to .pfx. Your work is only to add a private key.

    http://www.ehow.com/how_8586664_convert-cer-pfx.html

    I guess here you need a .pfx certificate, not a .cer one.

    Hope it helps!!!

    Please 'Accept as answer' if it helped, so that it can help others in the community looking for help on similar topics