azure application gateway data for certificate is invalid error fix

A quick blog post to show a fix for when you get the error data for certificate is invalid error when applying backend settings within Azure Application Gateway.

Within the Azure Activity log, you may come across this error:

Error code: ApplicationGatewayTrustedRootCertificateInvalidData

Message: Data for certificate /subscriptions/04109105-f3ca-44ac-a3a7-66b4936112c3/resourceGroups/ttcloud_aca/providers/Microsoft.Network/applicationGateways/ttcloud-appgw/trustedRootCertificates/cert is invalid.

Reviewing the backend settings in the Application Gateway, we can see the snippet: For end-to-end SSL encryption, the backends must be in the allowlist of the application gateway. Upload the public certificate of the backend servers to this Backend setting.

You may still be wondering what certificate this is? Lets resolve that 🙂 For Application Gateway v2 SKU, the root certificate requires to be Base-64 encoded X.509(.CER) format.

I obtained this by using Windows and certmgr, navigating to the required certificate -> double-click and navigate to the certificate path tab – as below, you will see the full certificate path.

Select the root certificate (highlighted above) -> double click and select details tab -> copy to file

Select next -> Base-64 encoded X.509 (.CER)

Follow next & select appropriate file name.

This will be the certificate that you require to fix the error data for certificate is invalid error

Thanks for reading, hopefully this has assisted you if you have found this page!

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s