Convert GoDaddy PEM certificate to PFX certificate to use in Azure App Service
When you purchase GoDaddy certificates, you should get 3 files:
- *.crt file
- *.pem file
- *-key.txt file
1. Change the key file's name to the key extension so any future tools can find it by its extension.
2. If you download and/or open the key file on a Windows computer, your key file may now have the wrong encoding. Use a bash terminal and the iconv CLI tool to convert to the correct encoding in a new file with a "2" added at the end of the filename to indicate the different file:
iconv -c -f UTF-8 -t ASCII your-domain-name.key > your-domain-name.2.key
3. Convert to the PFX format with the openssl CLI tool:
openssl pkcs12 -export -out your-domain-name.pfx -inkey your-domain-name.2.key -in your-domain-name.crt
4. You need to enter a new password when creating the PFX. Remember the password, you will need it when you add your certificate to Azure App Service.
5. In the Azure portal, for your App Service, select TLS/SSL settings.
6. Add a new TLS/SSL settings.
7. Select your TLS/SSL settings:
- Your new local file system's PFX file
- Your password from step 4
- Select the thumbpint and TLS/SSL type - there should be one choice in the drop down box
9. Restart your App service.
10. On the Azure portal's Overview for your App Service, select your URL such as https://YOUR-DOMAIN.
11. The browser may take a few seconds to reload. Notice the browser indicates your website is secure with the typical lock icon.