Creating Certificate Bundles for Application Gateway
There are certain clients that still require a full certificate chain as they may return certificate errors. Certain web servers like IIS can build the chain while others may not serve the full certificate chain in the Server Certificate exchange. Here’s a step-by-step process going through how to detect if this is an issue and…
Querying Resources in Azure Graph
I had a customer reach out requesting how to query all certificates across all subs and figure out when they are expiring. Using Azure Resource Graph I came up with the query below that searches for all app services, find the bindings, and matches those apps up with the Microsoft.web/certificate object. Azure Graph is a…
Root Certificates on Windows
I’m far from a PKI expert so I won’t be going into much detail as a lot of information around certificates can be found through a web search. I spent a considerable amount of time debugging an issue related to certificates and the trusted root store on Windows and I didn’t find much documentation discussing…