Azure Application Gateway SSL Certificate: Data must be specified for Certificat

Question

I want to use Azure Application gateway for TLS termination. When trying to upload my PFX certificate to an Application Gateway Listener I receive the following, non-informative, error message:

Failed to save application gateway changes
Failed to save configuration changes to application gateway 'main-backend'. Error: Data must be specified for Certificate main-backend/cert4.

I am using a certificate issued by LetsEncrypt and converted to PFX using openssl. The certificate file looks proper the certificate password I passed to Azure is the right one.

Can someone tell me what's the issue here? Thank you!

Answer 1

Look at my answer in this discussion: Error: Data or KeyVaultSecretId must be specified for certificate

In my case it was a permissions problem and I fixed it changing the ownership of the cert files generated by Let's Encrypt.

Answer 2

See SSL Cert Error in Azure Application Gateway for similar discussion.

My experience aligned with that discussion: the certificate just seemed to take a little while to deploy. No issues beyond the "disappearing rule" described there. Recreated the rule after a little while (and updated NSG to allow incoming on 443) and it flowed to backend pool (in my case: TLS offload on Gateway to HTTPS on backend).