Then copy the contents of the certs folder into the SSL directory that your nginx SSL options point to:
cp certs/* /etc/nginx/ssl/<domain name>/
Final part: reload nginx to use the new certificate!
systemctl reload nginx
Using it on the Application Gateway is very simple: go to the Application Gateway -> Listeners, choose the listener you want to update, and then choose the certificate from the Key Vault.
AND THAT IS IT 🙂 — if you need any more advice on certain areas please say!
So, to start with, let's obtain a new certificate (if there is one!!). Please change the domain name to the domain name that you are using. The preferred challenge should be whatever you have set up as the default process for this certificate; I am using the Azure DNS zone, so I am using the certbot-azure-dns certbot plugin.
The next part is the most important part: creating the PFX file from the new certificate! Please note you have to pass in the whole key chain, e.g. the chain / fullchain files (change the domain name again to what you are using).
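The PFX step described above, as an added example that is not the author's own command: it builds the PFX with `openssl pkcs12 -export` and checks that the issuer chain actually ended up inside it. It assumes certbot's `privkey.pem` / `cert.pem` / `chain.pem` file names; the throwaway CA, `example.test` and the password are constructed so the script runs offline.

```shell
#!/bin/sh
# Added example: file names follow certbot's live/<domain>/ layout
# (privkey.pem, cert.pem, chain.pem); paths and passwords are constructed.

# make_pfx DIR OUT PASS [nochain]: bundle key + leaf (+ chain) into a PFX.
make_pfx() {
    if [ "$4" = "nochain" ]; then
        # The mistake the text warns about: leaf only, no issuer certificates.
        openssl pkcs12 -export -inkey "$1/privkey.pem" -in "$1/cert.pem" \
            -out "$2" -passout "pass:$3"
    else
        openssl pkcs12 -export -inkey "$1/privkey.pem" -in "$1/cert.pem" \
            -certfile "$1/chain.pem" -out "$2" -passout "pass:$3"
    fi
}

# pfx_cert_count PFX PASS: print how many certificates the PFX contains.
pfx_cert_count() {
    openssl pkcs12 -in "$1" -nokeys -passin "pass:$2" 2>/dev/null |
        grep -c 'BEGIN CERTIFICATE'
}

# has_full_chain PFX PASS: succeed only if leaf plus at least one issuer is present.
has_full_chain() {
    [ "$(pfx_cert_count "$1" "$2")" -ge 2 ]
}

# make_demo_certs DIR: constructed throwaway CA and leaf standing in for certbot output.
make_demo_certs() {
    openssl req -x509 -newkey rsa:2048 -nodes -days 1 -subj "/CN=Constructed Demo CA" \
        -keyout "$1/ca.key" -out "$1/chain.pem" 2>/dev/null &&
    openssl req -newkey rsa:2048 -nodes -subj "/CN=example.test" \
        -keyout "$1/privkey.pem" -out "$1/leaf.csr" 2>/dev/null &&
    openssl x509 -req -in "$1/leaf.csr" -CA "$1/chain.pem" -CAkey "$1/ca.key" \
        -CAcreateserial -days 1 -out "$1/cert.pem" 2>/dev/null
}

# Demo: build both variants in a temp dir and report which one carries the chain.
demo() {
    d=$(mktemp -d) || return 1
    make_demo_certs "$d" && make_pfx "$d" "$d/good.pfx" demo-pass &&
        make_pfx "$d" "$d/bad.pfx" demo-pass nochain || { rm -rf "$d"; return 1; }
    has_full_chain "$d/good.pfx" demo-pass && good=ok || good=missing-chain
    has_full_chain "$d/bad.pfx" demo-pass && bad=ok || bad=missing-chain
    rm -rf "$d"
    echo "with-chain=$good leaf-only=$bad"
}
demo
```

Running `has_full_chain` on the real PFX before uploading it catches a leaf-only bundle, which would leave clients unable to build the chain to a trusted root.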
I am using Fedora Linux as my development environment OS. I love it, but when you are working with Azure, which mainly believes you are using Windows, you have to make some changes to your configuration files that Windows (may do??) for you.
So, after I created my SSH key for development, I kept getting an issue pulling/pushing my local git repo where the CLI would just hang or error out, so I ran it with -v (verbose mode):
git pull -v
The issue highlighted itself with the following error message:
Unable to negotiate with 220.127.116.11 port 22: no matching host key type found. Their offer: ssh-rsa
So, all I did was update the ~/.ssh/config file (the .ssh configuration file in your local user's home directory). Please note the last bits, the HostkeyAlgorithms and PubkeyAcceptedKeyTypes.