in my company I have an Azure environment in which SSL certificates need to be renewed. But I was given no info about them.

So I have app services that run in an ASE, with an app Gateway. The certificate for the ASE is handled, I'm trying to gather all the information I can on the app services certificate and the app gateway certificate.

with Azure CLI, running this command on the app gateway gives me lot of data including the serial number but not the thumbprint :

$publiccertprod1= az network application-gateway ssl-cert show -g RessourceGroupName --gateway-name AppGatewayName --name CertName --query publicCertData -o tsv
echo "-----BEGIN PKCS7-----" >> publicprod1.cert; echo "${publiccertprod1}" >> publicprod1.cert; echo "-----END PKCS7-----" >> publicprod1.cert
cat publicprod1.cert | fold -w 64 | openssl pkcs7 -print_certs | openssl x509 -noout -text

On the other hand, running this command on app service gives me the thumbprint but not the serial number

az webapp config ssl list --resource-group AppServiceRessourceGroup

So, how can I be sure it's the same certificate or not (from the internal intel I have it's a different one), and how can I get the missing serial number and thumbprint?

the internal process for certificate renewal asks me for serial numbers so getting this one would be huge.

Thanks

Edit: as Ked Mardemootoo suggested, using AzAppGWCert module gave me all necessary details. You can find it here :

Refer SO thread for more info