I am trying to create a Backend Settings object during the Application Gateway using the portal interface. As part of this, it asks for the backend certificate. The backend certificate was issued internally within our organization. However it fails on validation with the following error -
"code": "ApplicationGatewayTrustedRootCertificateInvalidData",
"message": "Data for certificate /subscriptions/subscription-id/resourceGroups/rgname/providers/Microsoft.Network/applicationGateways/new-gw-name/trustedRootCertificates/besname is invalid."
I have attempted using the X509 base64 encoded .cer version of the
- site certificate,
- combined cert with all intermediate certs, as well as,
- root certificate.
But none of these work. All fail with the same error. Any idea on what is wrong?
Thanks in advance!
CodePudding user response:
I am using the base64 encoded .CER file without the chain (w/o intermediary and root) at the https setting of the backend settings of application gateway and it is working fine (see image below). Note that this .CER file must match the certificate (PFX) deployed at the backend application.
Make sure https probe is configured correctly as well.