Azure Web Apps and the certificate store

Published on 07 december 2016

I was trying to load a certificate from the certificate store in an Azure Web App today, and for some reason I could not find it via it's thumbprint. Since I thought I was looking in the wrong certificate store, I went to Kudu to take a closer look via the PowerShell debug console.

My code (probably) wasn't wrong but the certificate simply wasn't there.

After some googling I found out that WebApps in Azure doesn't have access to uploaded certificates unless you add a special AppSetting variable called WEBSITE_LOAD_CERTIFICATES.

You can either set this setting to a comma separated list of the certificate thumbprint that you want to expose, or you can do what I did (YOLO™) and set it to * which exposes all available certificates to the application.

Also, if you're interested in Kudu (which is awesome), check out devlead's appearance on Azure Podcast where he spends 30 minutes or so talking about it: