Loading and accessing certificates in node.js on Azure App Service

1 minute read | By Karthik


This how-to guide shows accessing private certificates/Public certificates in your node.js application running on Azure App Services.

Loading certificates

  1. In the Azure portal, from the left menu, select App Services > app-name.

  2. From the left navigation of your app, select TLS/SSL settings > Private key certificates (.pfx)/Public key certificates (.cer) > Upload Certificate.

    Upload certificate to Azure

  3. Before we try to access the certificate through code we need to make the uploaded certificates accessible to the app service by adding WEBSITE_LOAD_CERTIFICATES app setting. This article outlines steps to Make the certificate accessible

Accessing the certificate through code

The below is the code where you can fetch the private/public certificates that you have uploaded in a programmatic manner using node.js on Windows App Service. We will be using NPM package ‘win-ca’ for simplicity.

const http = require('http');
const ca = require('win-ca');

// Create an instance of the http server to handle HTTP requests
let app = http.createServer((req, res) => {

// Set a response type of plain text for the response
res.writeHead(200, { 'Content-Type': 'text/plain' });

let certificates = []

// Fetch all certificates in PEM format from My store
    format: ca.der2.pem,
    store: ['My'],
    ondata: crt => certificates.push(crt)

// Send back a response and end the connection
  res.end("Certificate count under 'My' store is: " + certificates.length);

let port = process.env.PORT || 3000;

// Start the server on port 3000

You can refer the following documentation to access the thumbprint on Linux and Windows container App Services.