azure logo
Azure Classic v5.38.0, Mar 21 23

azure.appservice.Certificate

Manages an App Service certificate.

Example Usage

This example provisions an App Service Certificate from a Local File.

using System;
using System.Collections.Generic;
using System.IO;
using Pulumi;
using Azure = Pulumi.Azure;

	private static string ReadFileBase64(string path) {
		return Convert.ToBase64String(Encoding.UTF8.GetBytes(File.ReadAllText(path)))
	}

return await Deployment.RunAsync(() => 
{
    var exampleResourceGroup = new Azure.Core.ResourceGroup("exampleResourceGroup", new()
    {
        Location = "West Europe",
    });

    var exampleCertificate = new Azure.AppService.Certificate("exampleCertificate", new()
    {
        ResourceGroupName = exampleResourceGroup.Name,
        Location = exampleResourceGroup.Location,
        PfxBlob = ReadFileBase64("certificate.pfx"),
        Password = "password123!",
    });

});
package main

import (
	"encoding/base64"
	"os"

	"github.com/pulumi/pulumi-azure/sdk/v5/go/azure/appservice"
	"github.com/pulumi/pulumi-azure/sdk/v5/go/azure/core"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func filebase64OrPanic(path string) pulumi.StringPtrInput {
	if fileData, err := os.ReadFile(path); err == nil {
		return pulumi.String(base64.StdEncoding.EncodeToString(fileData[:]))
	} else {
		panic(err.Error())
	}
}

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		exampleResourceGroup, err := core.NewResourceGroup(ctx, "exampleResourceGroup", &core.ResourceGroupArgs{
			Location: pulumi.String("West Europe"),
		})
		if err != nil {
			return err
		}
		_, err = appservice.NewCertificate(ctx, "exampleCertificate", &appservice.CertificateArgs{
			ResourceGroupName: exampleResourceGroup.Name,
			Location:          exampleResourceGroup.Location,
			PfxBlob:           filebase64OrPanic("certificate.pfx"),
			Password:          pulumi.String("password123!"),
		})
		if err != nil {
			return err
		}
		return nil
	})
}
package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.azure.core.ResourceGroup;
import com.pulumi.azure.core.ResourceGroupArgs;
import com.pulumi.azure.appservice.Certificate;
import com.pulumi.azure.appservice.CertificateArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        var exampleResourceGroup = new ResourceGroup("exampleResourceGroup", ResourceGroupArgs.builder()        
            .location("West Europe")
            .build());

        var exampleCertificate = new Certificate("exampleCertificate", CertificateArgs.builder()        
            .resourceGroupName(exampleResourceGroup.name())
            .location(exampleResourceGroup.location())
            .pfxBlob(Base64.getEncoder().encodeToString(Files.readAllBytes(Paths.get("certificate.pfx"))))
            .password("password123!")
            .build());

    }
}
import pulumi
import base64
import pulumi_azure as azure

example_resource_group = azure.core.ResourceGroup("exampleResourceGroup", location="West Europe")
example_certificate = azure.appservice.Certificate("exampleCertificate",
    resource_group_name=example_resource_group.name,
    location=example_resource_group.location,
    pfx_blob=(lambda path: base64.b64encode(open(path).read().encode()).decode())("certificate.pfx"),
    password="password123!")
import * as pulumi from "@pulumi/pulumi";
import * as azure from "@pulumi/azure";
import * as fs from "fs";

const exampleResourceGroup = new azure.core.ResourceGroup("exampleResourceGroup", {location: "West Europe"});
const exampleCertificate = new azure.appservice.Certificate("exampleCertificate", {
    resourceGroupName: exampleResourceGroup.name,
    location: exampleResourceGroup.location,
    pfxBlob: Buffer.from(fs.readFileSync("certificate.pfx"), 'binary').toString('base64'),
    password: "password123!",
});

Coming soon!

Create Certificate Resource

new Certificate(name: string, args: CertificateArgs, opts?: CustomResourceOptions);
@overload
def Certificate(resource_name: str,
                opts: Optional[ResourceOptions] = None,
                app_service_plan_id: Optional[str] = None,
                key_vault_secret_id: Optional[str] = None,
                location: Optional[str] = None,
                name: Optional[str] = None,
                password: Optional[str] = None,
                pfx_blob: Optional[str] = None,
                resource_group_name: Optional[str] = None,
                tags: Optional[Mapping[str, str]] = None)
@overload
def Certificate(resource_name: str,
                args: CertificateArgs,
                opts: Optional[ResourceOptions] = None)
func NewCertificate(ctx *Context, name string, args CertificateArgs, opts ...ResourceOption) (*Certificate, error)
public Certificate(string name, CertificateArgs args, CustomResourceOptions? opts = null)
public Certificate(String name, CertificateArgs args)
public Certificate(String name, CertificateArgs args, CustomResourceOptions options)
type: azure:appservice:Certificate
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.

name string
The unique name of the resource.
args CertificateArgs
The arguments to resource properties.
opts CustomResourceOptions
Bag of options to control resource's behavior.
resource_name str
The unique name of the resource.
args CertificateArgs
The arguments to resource properties.
opts ResourceOptions
Bag of options to control resource's behavior.
ctx Context
Context object for the current deployment.
name string
The unique name of the resource.
args CertificateArgs
The arguments to resource properties.
opts ResourceOption
Bag of options to control resource's behavior.
name string
The unique name of the resource.
args CertificateArgs
The arguments to resource properties.
opts CustomResourceOptions
Bag of options to control resource's behavior.
name String
The unique name of the resource.
args CertificateArgs
The arguments to resource properties.
options CustomResourceOptions
Bag of options to control resource's behavior.

Certificate Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

Inputs

The Certificate resource accepts the following input properties:

ResourceGroupName string

The name of the resource group in which to create the certificate. Changing this forces a new resource to be created.

AppServicePlanId string

The ID of the associated App Service plan. Must be specified when the certificate is used inside an App Service Environment hosted App Service. Changing this forces a new resource to be created.

KeyVaultSecretId string

The ID of the Key Vault secret. Changing this forces a new resource to be created.

Location string

Specifies the supported Azure location where the resource exists. Changing this forces a new resource to be created.

Name string

Specifies the name of the certificate. Changing this forces a new resource to be created.

Password string

The password to access the certificate's private key. Changing this forces a new resource to be created.

PfxBlob string

The base64-encoded contents of the certificate. Changing this forces a new resource to be created.

Tags Dictionary<string, string>

A mapping of tags to assign to the resource.

ResourceGroupName string

The name of the resource group in which to create the certificate. Changing this forces a new resource to be created.

AppServicePlanId string

The ID of the associated App Service plan. Must be specified when the certificate is used inside an App Service Environment hosted App Service. Changing this forces a new resource to be created.

KeyVaultSecretId string

The ID of the Key Vault secret. Changing this forces a new resource to be created.

Location string

Specifies the supported Azure location where the resource exists. Changing this forces a new resource to be created.

Name string

Specifies the name of the certificate. Changing this forces a new resource to be created.

Password string

The password to access the certificate's private key. Changing this forces a new resource to be created.

PfxBlob string

The base64-encoded contents of the certificate. Changing this forces a new resource to be created.

Tags map[string]string

A mapping of tags to assign to the resource.

resourceGroupName String

The name of the resource group in which to create the certificate. Changing this forces a new resource to be created.

appServicePlanId String

The ID of the associated App Service plan. Must be specified when the certificate is used inside an App Service Environment hosted App Service. Changing this forces a new resource to be created.

keyVaultSecretId String

The ID of the Key Vault secret. Changing this forces a new resource to be created.

location String

Specifies the supported Azure location where the resource exists. Changing this forces a new resource to be created.

name String

Specifies the name of the certificate. Changing this forces a new resource to be created.

password String

The password to access the certificate's private key. Changing this forces a new resource to be created.

pfxBlob String

The base64-encoded contents of the certificate. Changing this forces a new resource to be created.

tags Map<String,String>

A mapping of tags to assign to the resource.

resourceGroupName string

The name of the resource group in which to create the certificate. Changing this forces a new resource to be created.

appServicePlanId string

The ID of the associated App Service plan. Must be specified when the certificate is used inside an App Service Environment hosted App Service. Changing this forces a new resource to be created.

keyVaultSecretId string

The ID of the Key Vault secret. Changing this forces a new resource to be created.

location string

Specifies the supported Azure location where the resource exists. Changing this forces a new resource to be created.

name string

Specifies the name of the certificate. Changing this forces a new resource to be created.

password string

The password to access the certificate's private key. Changing this forces a new resource to be created.

pfxBlob string

The base64-encoded contents of the certificate. Changing this forces a new resource to be created.

tags {[key: string]: string}

A mapping of tags to assign to the resource.

resource_group_name str

The name of the resource group in which to create the certificate. Changing this forces a new resource to be created.

app_service_plan_id str

The ID of the associated App Service plan. Must be specified when the certificate is used inside an App Service Environment hosted App Service. Changing this forces a new resource to be created.

key_vault_secret_id str

The ID of the Key Vault secret. Changing this forces a new resource to be created.

location str

Specifies the supported Azure location where the resource exists. Changing this forces a new resource to be created.

name str

Specifies the name of the certificate. Changing this forces a new resource to be created.

password str

The password to access the certificate's private key. Changing this forces a new resource to be created.

pfx_blob str

The base64-encoded contents of the certificate. Changing this forces a new resource to be created.

tags Mapping[str, str]

A mapping of tags to assign to the resource.

resourceGroupName String

The name of the resource group in which to create the certificate. Changing this forces a new resource to be created.

appServicePlanId String

The ID of the associated App Service plan. Must be specified when the certificate is used inside an App Service Environment hosted App Service. Changing this forces a new resource to be created.

keyVaultSecretId String

The ID of the Key Vault secret. Changing this forces a new resource to be created.

location String

Specifies the supported Azure location where the resource exists. Changing this forces a new resource to be created.

name String

Specifies the name of the certificate. Changing this forces a new resource to be created.

password String

The password to access the certificate's private key. Changing this forces a new resource to be created.

pfxBlob String

The base64-encoded contents of the certificate. Changing this forces a new resource to be created.

tags Map<String>

A mapping of tags to assign to the resource.

Outputs

All input properties are implicitly available as output properties. Additionally, the Certificate resource produces the following output properties:

ExpirationDate string

The expiration date for the certificate.

FriendlyName string

The friendly name of the certificate.

HostNames List<string>

List of host names the certificate applies to.

HostingEnvironmentProfileId string

The ID of the App Service Environment where the certificate is in use.

Id string

The provider-assigned unique ID for this managed resource.

IssueDate string

The issue date for the certificate.

Issuer string

The name of the certificate issuer.

SubjectName string

The subject name of the certificate.

Thumbprint string

The thumbprint for the certificate.

ExpirationDate string

The expiration date for the certificate.

FriendlyName string

The friendly name of the certificate.

HostNames []string

List of host names the certificate applies to.

HostingEnvironmentProfileId string

The ID of the App Service Environment where the certificate is in use.

Id string

The provider-assigned unique ID for this managed resource.

IssueDate string

The issue date for the certificate.

Issuer string

The name of the certificate issuer.

SubjectName string

The subject name of the certificate.

Thumbprint string

The thumbprint for the certificate.

expirationDate String

The expiration date for the certificate.

friendlyName String

The friendly name of the certificate.

hostNames List<String>

List of host names the certificate applies to.

hostingEnvironmentProfileId String

The ID of the App Service Environment where the certificate is in use.

id String

The provider-assigned unique ID for this managed resource.

issueDate String

The issue date for the certificate.

issuer String

The name of the certificate issuer.

subjectName String

The subject name of the certificate.

thumbprint String

The thumbprint for the certificate.

expirationDate string

The expiration date for the certificate.

friendlyName string

The friendly name of the certificate.

hostNames string[]

List of host names the certificate applies to.

hostingEnvironmentProfileId string

The ID of the App Service Environment where the certificate is in use.

id string

The provider-assigned unique ID for this managed resource.

issueDate string

The issue date for the certificate.

issuer string

The name of the certificate issuer.

subjectName string

The subject name of the certificate.

thumbprint string

The thumbprint for the certificate.

expiration_date str

The expiration date for the certificate.

friendly_name str

The friendly name of the certificate.

host_names Sequence[str]

List of host names the certificate applies to.

hosting_environment_profile_id str

The ID of the App Service Environment where the certificate is in use.

id str

The provider-assigned unique ID for this managed resource.

issue_date str

The issue date for the certificate.

issuer str

The name of the certificate issuer.

subject_name str

The subject name of the certificate.

thumbprint str

The thumbprint for the certificate.

expirationDate String

The expiration date for the certificate.

friendlyName String

The friendly name of the certificate.

hostNames List<String>

List of host names the certificate applies to.

hostingEnvironmentProfileId String

The ID of the App Service Environment where the certificate is in use.

id String

The provider-assigned unique ID for this managed resource.

issueDate String

The issue date for the certificate.

issuer String

The name of the certificate issuer.

subjectName String

The subject name of the certificate.

thumbprint String

The thumbprint for the certificate.

Look up Existing Certificate Resource

Get an existing Certificate resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

public static get(name: string, id: Input<ID>, state?: CertificateState, opts?: CustomResourceOptions): Certificate
@staticmethod
def get(resource_name: str,
        id: str,
        opts: Optional[ResourceOptions] = None,
        app_service_plan_id: Optional[str] = None,
        expiration_date: Optional[str] = None,
        friendly_name: Optional[str] = None,
        host_names: Optional[Sequence[str]] = None,
        hosting_environment_profile_id: Optional[str] = None,
        issue_date: Optional[str] = None,
        issuer: Optional[str] = None,
        key_vault_secret_id: Optional[str] = None,
        location: Optional[str] = None,
        name: Optional[str] = None,
        password: Optional[str] = None,
        pfx_blob: Optional[str] = None,
        resource_group_name: Optional[str] = None,
        subject_name: Optional[str] = None,
        tags: Optional[Mapping[str, str]] = None,
        thumbprint: Optional[str] = None) -> Certificate
func GetCertificate(ctx *Context, name string, id IDInput, state *CertificateState, opts ...ResourceOption) (*Certificate, error)
public static Certificate Get(string name, Input<string> id, CertificateState? state, CustomResourceOptions? opts = null)
public static Certificate get(String name, Output<String> id, CertificateState state, CustomResourceOptions options)
Resource lookup is not supported in YAML
name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
resource_name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
The following state arguments are supported:
AppServicePlanId string

The ID of the associated App Service plan. Must be specified when the certificate is used inside an App Service Environment hosted App Service. Changing this forces a new resource to be created.

ExpirationDate string

The expiration date for the certificate.

FriendlyName string

The friendly name of the certificate.

HostNames List<string>

List of host names the certificate applies to.

HostingEnvironmentProfileId string

The ID of the App Service Environment where the certificate is in use.

IssueDate string

The issue date for the certificate.

Issuer string

The name of the certificate issuer.

KeyVaultSecretId string

The ID of the Key Vault secret. Changing this forces a new resource to be created.

Location string

Specifies the supported Azure location where the resource exists. Changing this forces a new resource to be created.

Name string

Specifies the name of the certificate. Changing this forces a new resource to be created.

Password string

The password to access the certificate's private key. Changing this forces a new resource to be created.

PfxBlob string

The base64-encoded contents of the certificate. Changing this forces a new resource to be created.

ResourceGroupName string

The name of the resource group in which to create the certificate. Changing this forces a new resource to be created.

SubjectName string

The subject name of the certificate.

Tags Dictionary<string, string>

A mapping of tags to assign to the resource.

Thumbprint string

The thumbprint for the certificate.

AppServicePlanId string

The ID of the associated App Service plan. Must be specified when the certificate is used inside an App Service Environment hosted App Service. Changing this forces a new resource to be created.

ExpirationDate string

The expiration date for the certificate.

FriendlyName string

The friendly name of the certificate.

HostNames []string

List of host names the certificate applies to.

HostingEnvironmentProfileId string

The ID of the App Service Environment where the certificate is in use.

IssueDate string

The issue date for the certificate.

Issuer string

The name of the certificate issuer.

KeyVaultSecretId string

The ID of the Key Vault secret. Changing this forces a new resource to be created.

Location string

Specifies the supported Azure location where the resource exists. Changing this forces a new resource to be created.

Name string

Specifies the name of the certificate. Changing this forces a new resource to be created.

Password string

The password to access the certificate's private key. Changing this forces a new resource to be created.

PfxBlob string

The base64-encoded contents of the certificate. Changing this forces a new resource to be created.

ResourceGroupName string

The name of the resource group in which to create the certificate. Changing this forces a new resource to be created.

SubjectName string

The subject name of the certificate.

Tags map[string]string

A mapping of tags to assign to the resource.

Thumbprint string

The thumbprint for the certificate.

appServicePlanId String

The ID of the associated App Service plan. Must be specified when the certificate is used inside an App Service Environment hosted App Service. Changing this forces a new resource to be created.

expirationDate String

The expiration date for the certificate.

friendlyName String

The friendly name of the certificate.

hostNames List<String>

List of host names the certificate applies to.

hostingEnvironmentProfileId String

The ID of the App Service Environment where the certificate is in use.

issueDate String

The issue date for the certificate.

issuer String

The name of the certificate issuer.

keyVaultSecretId String

The ID of the Key Vault secret. Changing this forces a new resource to be created.

location String

Specifies the supported Azure location where the resource exists. Changing this forces a new resource to be created.

name String

Specifies the name of the certificate. Changing this forces a new resource to be created.

password String

The password to access the certificate's private key. Changing this forces a new resource to be created.

pfxBlob String

The base64-encoded contents of the certificate. Changing this forces a new resource to be created.

resourceGroupName String

The name of the resource group in which to create the certificate. Changing this forces a new resource to be created.

subjectName String

The subject name of the certificate.

tags Map<String,String>

A mapping of tags to assign to the resource.

thumbprint String

The thumbprint for the certificate.

appServicePlanId string

The ID of the associated App Service plan. Must be specified when the certificate is used inside an App Service Environment hosted App Service. Changing this forces a new resource to be created.

expirationDate string

The expiration date for the certificate.

friendlyName string

The friendly name of the certificate.

hostNames string[]

List of host names the certificate applies to.

hostingEnvironmentProfileId string

The ID of the App Service Environment where the certificate is in use.

issueDate string

The issue date for the certificate.

issuer string

The name of the certificate issuer.

keyVaultSecretId string

The ID of the Key Vault secret. Changing this forces a new resource to be created.

location string

Specifies the supported Azure location where the resource exists. Changing this forces a new resource to be created.

name string

Specifies the name of the certificate. Changing this forces a new resource to be created.

password string

The password to access the certificate's private key. Changing this forces a new resource to be created.

pfxBlob string

The base64-encoded contents of the certificate. Changing this forces a new resource to be created.

resourceGroupName string

The name of the resource group in which to create the certificate. Changing this forces a new resource to be created.

subjectName string

The subject name of the certificate.

tags {[key: string]: string}

A mapping of tags to assign to the resource.

thumbprint string

The thumbprint for the certificate.

app_service_plan_id str

The ID of the associated App Service plan. Must be specified when the certificate is used inside an App Service Environment hosted App Service. Changing this forces a new resource to be created.

expiration_date str

The expiration date for the certificate.

friendly_name str

The friendly name of the certificate.

host_names Sequence[str]

List of host names the certificate applies to.

hosting_environment_profile_id str

The ID of the App Service Environment where the certificate is in use.

issue_date str

The issue date for the certificate.

issuer str

The name of the certificate issuer.

key_vault_secret_id str

The ID of the Key Vault secret. Changing this forces a new resource to be created.

location str

Specifies the supported Azure location where the resource exists. Changing this forces a new resource to be created.

name str

Specifies the name of the certificate. Changing this forces a new resource to be created.

password str

The password to access the certificate's private key. Changing this forces a new resource to be created.

pfx_blob str

The base64-encoded contents of the certificate. Changing this forces a new resource to be created.

resource_group_name str

The name of the resource group in which to create the certificate. Changing this forces a new resource to be created.

subject_name str

The subject name of the certificate.

tags Mapping[str, str]

A mapping of tags to assign to the resource.

thumbprint str

The thumbprint for the certificate.

appServicePlanId String

The ID of the associated App Service plan. Must be specified when the certificate is used inside an App Service Environment hosted App Service. Changing this forces a new resource to be created.

expirationDate String

The expiration date for the certificate.

friendlyName String

The friendly name of the certificate.

hostNames List<String>

List of host names the certificate applies to.

hostingEnvironmentProfileId String

The ID of the App Service Environment where the certificate is in use.

issueDate String

The issue date for the certificate.

issuer String

The name of the certificate issuer.

keyVaultSecretId String

The ID of the Key Vault secret. Changing this forces a new resource to be created.

location String

Specifies the supported Azure location where the resource exists. Changing this forces a new resource to be created.

name String

Specifies the name of the certificate. Changing this forces a new resource to be created.

password String

The password to access the certificate's private key. Changing this forces a new resource to be created.

pfxBlob String

The base64-encoded contents of the certificate. Changing this forces a new resource to be created.

resourceGroupName String

The name of the resource group in which to create the certificate. Changing this forces a new resource to be created.

subjectName String

The subject name of the certificate.

tags Map<String>

A mapping of tags to assign to the resource.

thumbprint String

The thumbprint for the certificate.

Import

App Service Certificates can be imported using the resource id, e.g.

 $ pulumi import azure:appservice/certificate:Certificate example /subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/mygroup1/providers/Microsoft.Web/certificates/certificate1

Package Details

Repository
Azure Classic pulumi/pulumi-azure
License
Apache-2.0
Notes

This Pulumi package is based on the azurerm Terraform Provider.