I have an Azure Web Site running successfully for the last year over SSL. The certificate is expiring, so I purchased a renewal. The steps I followed were:
1. use IIS to create the CSR
2. download the PKCS7 package (which includes intermediate certificates) from GeoTrust
3. complete the certificate request in IIS
4. use the certmgr MMC snap-in to export the PFX file with a private key and including all intermediate certificates and extended properties
5. upload to Azure
I am getting an error from Azure on step 5 - "Could not upload the certificate for web site XYZ." And the expanded error detail is "At least one certificate is not valid (Certificate failed validation because it could not be loaded.)"
In the Azure portal, from the left menu, select App Services > <app-name>. From your app's navigation menu, select TLS/SSL settings > Private Key Certificates (.pfx) > Import App Service Certificate. Select the certificate that you just purchased, and then select OK.
An SSL certificate error occurs when the browser cannot verify the SSL certificates returned by the server. When the error happens, the browser blocks the website and warns the user that the website cannot be trusted. These warnings will negatively impact the user's trust in your website.
Update: Azure support notified me on 2014/07/07 that the issue described below has been fixed.
I contacted Azure support and they confirmed that this is a known issue with the service. According to the tech I spoke to, a fix should be deployed some time next week.
In the meantime, I was provided with the following workaround:
While exporting the certificate, uncheck the following boxes:
- Include all certificates in the certificate path if possible
- Export all extended properties
Having just received the error as described (with a COMODO wildcard certificate) I tried NOT including the intermediate certificates when exporting the .pfx cert file and -- lo and behold -- Azure accepts the certificate upload.
This goes contrary to the Azure docs, but initial testing of the https URL in Firefox, IE and Chrome doesn't show any problems.
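
The workaround in the two answers above (export without the certificate path and without extended properties) can also be scripted with the Windows PKI cmdlets. This is an added example, not part of the original posts; the thumbprint, the `LocalMachine\My` store location and the output path are placeholders and assumptions.

```powershell
# Added example. Placeholders/assumptions: thumbprint, store location, output path.
$thumbprint = '<CERT-THUMBPRINT>'            # placeholder: thumbprint of the renewed certificate
$pfxPath    = 'C:\temp\site-leaf-only.pfx'   # hypothetical output path
$password   = Read-Host -AsSecureString -Prompt 'PFX password'

# Assumes IIS completed the request into the machine's Personal store.
$cert = Get-Item -Path "Cert:\LocalMachine\My\$thumbprint" -ErrorAction Stop

# A PFX without the private key cannot back a TLS binding, so fail early.
if (-not $cert.HasPrivateKey) {
    throw "Certificate $thumbprint has no private key in this store."
}
if ($cert.NotAfter -lt (Get-Date)) {
    throw "Certificate $thumbprint expired on $($cert.NotAfter)."
}

# -ChainOption EndEntityOnly : same as unchecking
#     "Include all certificates in the certification path if possible"
# -NoProperties              : same as unchecking "Export all extended properties"
# The export fails if the private key was not marked exportable.
Export-PfxCertificate -Cert $cert -FilePath $pfxPath -Password $password `
    -ChainOption EndEntityOnly -NoProperties | Out-Null

# Re-open the file to confirm it loads and to see what it contains
# before uploading it.
$pfx = Get-PfxData -FilePath $pfxPath -Password $password
[pscustomobject]@{
    Subject            = $pfx.EndEntityCertificates[0].Subject
    NotAfter           = $pfx.EndEntityCertificates[0].NotAfter
    EndEntityCertCount = $pfx.EndEntityCertificates.Count
    OtherCertCount     = $pfx.OtherCertificates.Count   # intermediates/root in the file
}
```

Delete the exported file once the upload succeeds, since it contains the private key.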