I have hosted a Mosquitto broker (MQTT server) on an Azure VM. I am trying to connect to the MQTT broker through an Azure WebJob. When I connect to the broker from my local machine using a self-signed server certificate (SSL/TLS connection) it works fine, but when I host the same application on Azure App Service it gives the error: Invalid remote certificate according to certificate validation procedure. I have installed the same pfx certificate file on the Azure portal but I am still getting the same error. How do I install a third-party server's SSL certificate in the Azure Trusted Root Store so that it can validate the certificate through the Trusted Root Store?
As far as I know, we don't have permission to install a third-party server's SSL certificate in the Azure Trusted Root Store for a Web App.
We can only load the third-party server's certificate from the current user's store.
If the server supports connecting with an SSL certificate from the personal store, I suggest you try to set it in the Azure portal.
For more details about how to load the certificate in the Azure web app, you can refer to the steps below:
1. Upload the certificate:
2. Copy the Thumbprint.
3. Add the Thumbprint in the app setting to load the certificate when the web site is running.
4. Add code to the WebJobs function to load the certificate:
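using System.Security.Cryptography.X509Certificates;

// Open the current user's personal store, where App Service places the loaded certificate
X509Store certStore = new X509Store(StoreName.My, StoreLocation.CurrentUser);
certStore.Open(OpenFlags.ReadOnly);
X509Certificate2Collection certCollection = certStore.Certificates.Find(
    X509FindType.FindByThumbprint,
    "",      // the Thumbprint copied in step 2
    false);  // validOnly: false, so a self-signed certificate is still returned
// Get the first cert with the thumbprint
if (certCollection.Count > 0)
{
    X509Certificate2 cert = certCollection[0];
    // Use certificate
    log.WriteLine(cert.FriendlyName);
}
certStore.Close();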
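Added example, not part of the original answer: one way to use the certificate loaded from the current user's store is to pin the broker's self-signed certificate in a `RemoteCertificateValidationCallback`, so the TLS connection is accepted only when the broker presents exactly that certificate. It assumes the uploaded certificate is the broker's own server certificate, and `BROKER_CERT_THUMBPRINT` is a hypothetical app setting name holding its thumbprint.

```csharp
using System;
using System.Linq;
using System.Net.Security;
using System.Security.Cryptography.X509Certificates;

public static class BrokerCertPinning
{
    // Load the pinned broker certificate from CurrentUser\My by thumbprint.
    public static X509Certificate2 LoadPinned(string thumbprint)
    {
        var store = new X509Store(StoreName.My, StoreLocation.CurrentUser);
        store.Open(OpenFlags.ReadOnly);
        try
        {
            // validOnly: false, because a self-signed certificate does not chain to a trusted root.
            var found = store.Certificates.Find(X509FindType.FindByThumbprint, thumbprint, false);
            if (found.Count == 0)
                throw new InvalidOperationException("Pinned certificate not found in CurrentUser\\My.");
            return found[0];
        }
        finally { store.Close(); }
    }

    // Build a validation callback that accepts only the pinned certificate.
    public static RemoteCertificateValidationCallback PinTo(X509Certificate2 pinned)
    {
        return (sender, certificate, chain, errors) =>
        {
            if (certificate == null) return false;
            // Tolerate only the untrusted-chain error; a host name mismatch
            // or a missing certificate still fails the handshake.
            if ((errors & ~SslPolicyErrors.RemoteCertificateChainErrors) != SslPolicyErrors.None)
                return false;
            var presented = new X509Certificate2(certificate);
            var now = DateTime.Now; // NotBefore/NotAfter are expressed in local time
            if (now < presented.NotBefore || now > presented.NotAfter) return false;
            // Compare the full DER encoding rather than trusting any single field.
            return presented.RawData.SequenceEqual(pinned.RawData);
        };
    }

    // Assumption: BROKER_CERT_THUMBPRINT is a hypothetical app setting (exposed as an environment variable).
    public static RemoteCertificateValidationCallback FromAppSetting()
    {
        string thumbprint = Environment.GetEnvironmentVariable("BROKER_CERT_THUMBPRINT");
        if (string.IsNullOrWhiteSpace(thumbprint))
            throw new InvalidOperationException("BROKER_CERT_THUMBPRINT is not set.");
        return PinTo(LoadPinned(thumbprint.Trim()));
    }
}
```

The returned callback can be passed to `SslStream` or to an MQTT client that accepts a `RemoteCertificateValidationCallback`; the host name used to connect must still match the certificate, since only the chain error is tolerated.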