az containerapp env certificate
Note
This command group has commands that are defined in both Azure CLI and at least one extension. Install each extension to benefit from its extended capabilities. Learn more about extensions.
Commands to manage certificates for the Container Apps environment.
Commands
Name | Description | Type | Status |
---|---|---|---|
az containerapp env certificate create |
Create a managed certificate. |
Core | Preview |
az containerapp env certificate delete |
Delete a certificate from the Container Apps environment. |
Core | GA |
az containerapp env certificate delete (containerapp extension) |
Delete a certificate from the Container Apps environment. |
Extension | GA |
az containerapp env certificate list |
List certificates for an environment. |
Core | GA |
az containerapp env certificate list (containerapp extension) |
List certificates for an environment. |
Extension | GA |
az containerapp env certificate upload |
Add or update a certificate. |
Core | GA |
az containerapp env certificate upload (containerapp extension) |
Add or update a certificate. |
Extension | GA |
az containerapp env certificate create
This command is in preview and under development. Reference and support levels: https://aka.ms/CLI_refstatus
Create a managed certificate.
az containerapp env certificate create --hostname
--name
--resource-group
--validation-method {CNAME, HTTP, TXT}
[--certificate-name]
Examples
Create a managed certificate.
az containerapp env certificate create -g MyResourceGroup --name MyEnvironment --certificate-name MyCertificate --hostname MyHostname --validation-method CNAME
Required Parameters
The custom domain name.
Name of the Container Apps environment.
Name of resource group. You can configure the default group using az configure --defaults group=<name>
.
Validation method of custom domain ownership.
Optional Parameters
Name of the managed certificate which should be unique within the Container Apps environment.
Global Parameters
Increase logging verbosity to show all debug logs.
Show this help message and exit.
Only show errors, suppressing warnings.
Output format.
JMESPath query string. See http://jmespath.org/ for more information and examples.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID
.
Increase logging verbosity. Use --debug for full debug logs.
az containerapp env certificate delete
Delete a certificate from the Container Apps environment.
az containerapp env certificate delete [--certificate]
[--ids]
[--location]
[--name]
[--resource-group]
[--subscription]
[--thumbprint]
[--yes]
Examples
Delete a certificate from the Container Apps environment by certificate name
az containerapp env certificate delete -g MyResourceGroup --name MyEnvironment --certificate MyCertificateName
Delete a certificate from the Container Apps environment by certificate id
az containerapp env certificate delete -g MyResourceGroup --name MyEnvironment --certificate MyCertificateId
Delete all certificates that have a matching thumbprint from the Container Apps environment
az containerapp env certificate delete -g MyResourceGroup --name MyEnvironment --thumbprint MyCertificateThumbprint
Optional Parameters
Name or resource id of the certificate.
One or more resource IDs (space-delimited). It should be a complete resource ID containing all information of 'Resource Id' arguments. You should provide either --ids or other 'Resource Id' arguments.
Location of resource. Examples: eastus2, northeurope.
Name of the Container Apps environment.
Name of resource group. You can configure the default group using az configure --defaults group=<name>
.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID
.
Thumbprint of the certificate.
Do not prompt for confirmation.
Global Parameters
Increase logging verbosity to show all debug logs.
Show this help message and exit.
Only show errors, suppressing warnings.
Output format.
JMESPath query string. See http://jmespath.org/ for more information and examples.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID
.
Increase logging verbosity. Use --debug for full debug logs.
az containerapp env certificate delete (containerapp extension)
Delete a certificate from the Container Apps environment.
az containerapp env certificate delete [--certificate]
[--ids]
[--location]
[--name]
[--resource-group]
[--subscription]
[--thumbprint]
[--yes]
Examples
Delete a certificate from the Container Apps environment by certificate name
az containerapp env certificate delete -g MyResourceGroup --name MyEnvironment --certificate MyCertificateName
Delete a certificate from the Container Apps environment by certificate id
az containerapp env certificate delete -g MyResourceGroup --name MyEnvironment --certificate MyCertificateId
Delete all certificates that have a matching thumbprint from the Container Apps environment
az containerapp env certificate delete -g MyResourceGroup --name MyEnvironment --thumbprint MyCertificateThumbprint
Optional Parameters
Name or resource id of the certificate.
One or more resource IDs (space-delimited). It should be a complete resource ID containing all information of 'Resource Id' arguments. You should provide either --ids or other 'Resource Id' arguments.
Location of resource. Examples: eastus2, northeurope.
Name of the Container Apps environment.
Name of resource group. You can configure the default group using az configure --defaults group=<name>
.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID
.
Thumbprint of the certificate.
Do not prompt for confirmation.
Global Parameters
Increase logging verbosity to show all debug logs.
Show this help message and exit.
Only show errors, suppressing warnings.
Output format.
JMESPath query string. See http://jmespath.org/ for more information and examples.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID
.
Increase logging verbosity. Use --debug for full debug logs.
az containerapp env certificate list
List certificates for an environment.
az containerapp env certificate list --name
--resource-group
[--certificate]
[--location]
[--managed-certificates-only]
[--private-key-certificates-only]
[--thumbprint]
Examples
List certificates for an environment.
az containerapp env certificate list -g MyResourceGroup --name MyEnvironment
Show a certificate by certificate id.
az containerapp env certificate list -g MyResourceGroup --name MyEnvironment --certificate MyCertificateId
List certificates by certificate name.
az containerapp env certificate list -g MyResourceGroup --name MyEnvironment --certificate MyCertificateName
List certificates by certificate thumbprint.
az containerapp env certificate list -g MyResourceGroup --name MyEnvironment --thumbprint MyCertificateThumbprint
List managed certificates for an environment.
az containerapp env certificate list -g MyResourceGroup --name MyEnvironment --managed-certificates-only
List private key certificates for an environment.
az containerapp env certificate list -g MyResourceGroup --name MyEnvironment --private-key-certificates-only
Required Parameters
Name of the Container Apps environment.
Name of resource group. You can configure the default group using az configure --defaults group=<name>
.
Optional Parameters
Name or resource id of the certificate.
Location of resource. Examples: eastus2, northeurope.
List managed certificates only.
List private-key certificates only.
Thumbprint of the certificate.
Global Parameters
Increase logging verbosity to show all debug logs.
Show this help message and exit.
Only show errors, suppressing warnings.
Output format.
JMESPath query string. See http://jmespath.org/ for more information and examples.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID
.
Increase logging verbosity. Use --debug for full debug logs.
az containerapp env certificate list (containerapp extension)
List certificates for an environment.
az containerapp env certificate list --name
--resource-group
[--certificate]
[--location]
[--managed-certificates-only]
[--private-key-certificates-only]
[--thumbprint]
Examples
List certificates for an environment.
az containerapp env certificate list -g MyResourceGroup --name MyEnvironment
Show a certificate by certificate id.
az containerapp env certificate list -g MyResourceGroup --name MyEnvironment --certificate MyCertificateId
List certificates by certificate name.
az containerapp env certificate list -g MyResourceGroup --name MyEnvironment --certificate MyCertificateName
List certificates by certificate thumbprint.
az containerapp env certificate list -g MyResourceGroup --name MyEnvironment --thumbprint MyCertificateThumbprint
List managed certificates for an environment.
az containerapp env certificate list -g MyResourceGroup --name MyEnvironment --managed-certificates-only
List private key certificates for an environment.
az containerapp env certificate list -g MyResourceGroup --name MyEnvironment --private-key-certificates-only
Required Parameters
Name of the Container Apps environment.
Name of resource group. You can configure the default group using az configure --defaults group=<name>
.
Optional Parameters
Name or resource id of the certificate.
Location of resource. Examples: eastus2, northeurope.
List managed certificates only.
List private-key certificates only.
Thumbprint of the certificate.
Global Parameters
Increase logging verbosity to show all debug logs.
Show this help message and exit.
Only show errors, suppressing warnings.
Output format.
JMESPath query string. See http://jmespath.org/ for more information and examples.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID
.
Increase logging verbosity. Use --debug for full debug logs.
az containerapp env certificate upload
Add or update a certificate.
az containerapp env certificate upload --certificate-file
[--certificate-name]
[--ids]
[--location]
[--name]
[--password]
[--resource-group]
[--show-prompt]
[--subscription]
Examples
Add or update a certificate.
az containerapp env certificate upload -g MyResourceGroup --name MyEnvironment --certificate-file MyFilepath
Add or update a certificate with a user-provided certificate name.
az containerapp env certificate upload -g MyResourceGroup --name MyEnvironment --certificate-file MyFilepath --certificate-name MyCertificateName
Required Parameters
The filepath of the .pfx or .pem file.
Optional Parameters
Name of the certificate which should be unique within the Container Apps environment.
One or more resource IDs (space-delimited). It should be a complete resource ID containing all information of 'Resource Id' arguments. You should provide either --ids or other 'Resource Id' arguments.
Location of resource. Examples: eastus2, northeurope.
Name of the Container Apps environment.
The certificate file password.
Name of resource group. You can configure the default group using az configure --defaults group=<name>
.
Show prompt to upload an existing certificate.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID
.
Global Parameters
Increase logging verbosity to show all debug logs.
Show this help message and exit.
Only show errors, suppressing warnings.
Output format.
JMESPath query string. See http://jmespath.org/ for more information and examples.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID
.
Increase logging verbosity. Use --debug for full debug logs.
az containerapp env certificate upload (containerapp extension)
Add or update a certificate.
az containerapp env certificate upload [--akv-url]
[--certificate-file]
[--certificate-identity]
[--certificate-name]
[--ids]
[--location]
[--name]
[--password]
[--resource-group]
[--show-prompt]
[--subscription]
Examples
Add or update a certificate.
az containerapp env certificate upload -g MyResourceGroup --name MyEnvironment --certificate-file MyFilepath
Add or update a certificate with a user-provided certificate name.
az containerapp env certificate upload -g MyResourceGroup --name MyEnvironment --certificate-file MyFilepath --certificate-name MyCertificateName
Add or update a certificate from azure key vault using managed identity.
az containerapp env certificate upload -g MyResourceGroup --name MyEnvironment --akv-url akvSecretUrl --identity system
Optional Parameters
The URL pointing to the Azure Key Vault secret that holds the certificate.
The filepath of the .pfx or .pem file.
Resource ID of a managed identity to authenticate with Azure Key Vault, or System to use a system-assigned identity.
Name of the certificate which should be unique within the Container Apps environment.
One or more resource IDs (space-delimited). It should be a complete resource ID containing all information of 'Resource Id' arguments. You should provide either --ids or other 'Resource Id' arguments.
Location of resource. Examples: eastus2, northeurope.
Name of the Container Apps environment.
The certificate file password.
Name of resource group. You can configure the default group using az configure --defaults group=<name>
.
Show prompt to upload an existing certificate.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID
.
Global Parameters
Increase logging verbosity to show all debug logs.
Show this help message and exit.
Only show errors, suppressing warnings.
Output format.
JMESPath query string. See http://jmespath.org/ for more information and examples.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID
.
Increase logging verbosity. Use --debug for full debug logs.