- Article
This article discusses how to update or change the certificate that's used in Microsoft Azure Cloud Services (extended support) when the certificate approaches or reaches its expiration date. The article outlines how to do the required steps in the Azure portal, Azure PowerShell, or Microsoft Visual Studio.
Preparatory steps
Before you can update or change the certificate, you must have a validated, self-signed certificate in Personal Information Exchange (.pfx) file format. To self-sign a certificate, follow the PowerShell instructions in Certificates overview for Azure Cloud Services (classic). If you already have a Certificate Authority (CA) certificate, you don't have to self-sign the certificate.
The certificate has to be uploaded to a key vault certificate page. To upload to Azure Key Vault, follow steps 1 through 6 of the upload instructions in Use certificates with Azure Cloud Services (extended support).
Certificate changes
To make your certificate update or change go into effect, use the instructions for your preferred implementation method on one of the following tabs:
- Portal
- PowerShell
- Visual Studio
In the Azure portal, search for and select Cloud services (extended support).
In the list of cloud services, select the name of your cloud service.
In the cloud service menu pane, select Configuration.
In the cloud service configuration page, add the following lines of XML code within the <Role> element. This code specifies the certificate that you want to use, including the certificate name, the thumbprint algorithm (Secure Hash Algorithm 1, or SHA-1), and the thumbprint (a 40-digit hexadecimal hash value).
<Certificates> <Certificate name="Certificate1" thumbprint="0123456789ABCDEF0123456789ABCDEF01234567" thumbprintAlgorithm="sha1" /></Certificates>
Make sure that the certificate thumbprint that you add here matches the real thumbprint of the certificate that you uploaded to the key vault.
Select Save.
Select the key vault to which you uploaded the certificate.
In the list of certificates, wait for the Status column in your certificate entry to change to a value of Found.
Select OK.
If you have questions or need help, create a support request, or ask Azure community support. You can also submit product feedback to Azure feedback community.