Import SSL certificates

Import SSL certs to establish secure access to the DuploCloud Portal

Establish secure access to the DuploCloud portal by importing SSL certificates, and creating and configuring the certificates in DuploCloud.

If you haven't already done so, contact the DuploCloud support staff via email or by using your private Slack channel. They will provide you with everything you need to accomplish this task and assist you with other needed prerequisites to set up DuploCloud for Azure.


Generating the PFX file

Because Azure supports only PFX files for SSL certificates, you must convert the CRT file that DuploCloud provides you to PFX format.

To do this, enter the following using the command line:

openssl pkcs12 -export -out certificate.pfx -inkey <CERTIFICATE_PRIVATE_KEY>.key -in <SECURITY_CERTIFICATE_FILE>.crt -certfile <CERTIFICATE_BUNDLE>.crt

When running this command, you will be asked for a password to protect the PFX file. Note this password and store it in a secure place as you will need to provide it when importing the certificate to Azure KeyVault.

Importing SSL certificates to Azure

After you generate the PFX file, sign in to the Azure Portal and access Azure Key Vault.

  1. Select the respective Azure Key Vault for your environment (for example, production versus test) to import the PFX file as shown below.

  2. In Azure Key Vault, navigate to Objects -> Certificates and click Generate/Import.

  3. When you click Generate/Import, the Create a Certificate form displays. In the Method of Certificate Creation field, select Import.

  4. Name the Certificate, using the Certificate Name field.

  5. Browse for a file to upload, using the Upload Certificate File field.

  6. In the Password field, enter the password you set when you generated the PFX file.

  7. Click Create. Even though the certificate is created, notice that the certificate is not yet successfully imported into the vault, as indicated by the No certificates available message, as shown below. To import the certificate, you must obtain the Secret Identifier ARN of this certificate and then configure it in DuploCloud.

  8. On the Certificates page, select the certificate from the list, and open the CURRENT VERSION of the certificate, as shown below, to obtain the Secret Identifier.

You will paste the ARN when you configure the certificate in DuploCloud.

Configuring the SSL Certificate in DuploCloud

With the Secret Identifier in your Clipboard, you are now ready to configure the certificate in the DuploCloud Portal and

  1. In the DuploCloud Portal, navigate to Administrator -> Plans.

  2. Select the Plan to which you want to add the certificate from the Name column. The Plans page displays.

  3. Click the Certificates tab.

  4. Click Add. The Add a Certificate pane displays.

  5. Enter a Name for the certificate.

  6. Paste the Secret Identifier that you obtained from the Azure Portal (it should be in your Clipboard) into the Certificate ARN field.

  7. Click Create.

Using the SSL Certificate for Ingress in DuploCloud

Before attaching certificates with K8S Ingress in the DuploCloud Portal, create and configure an azure-application-gateway.

If you use Kubernetes Ingress, you can attach the certificate to the appropriate DuploCloud service in the DuploCloud portal by using the Kubernetes -> Ingress option.

  1. In the DuploCloud Portal, navigate to Kubernetes -> Ingress.

  2. On the Ingress page, select the Ingress instance for the azure- application-gateway.

  3. Click the Ingress Rules tab.

  4. From the Actions menu, select Edit.

  5. On the Edit Kubernetes Ingress page, select the certificate that you want to attach from the Certificate ARN list box.

  6. Click Update.

The certificate is attached to the Ingress application gateway and is available to the service.

Last updated


© DuploCloud, Inc. All rights reserved. DuploCloud trademarks used herein are registered trademarks of DuploCloud and affiliates