Azure Application Gateway with Cloudflare Certificates

Hello, I am trying to implement an Azure Application Gateway with the DNS on Cloudflare, in addition to the certificates.

What I have done:
Installed the origin root CA on the app service with the sufficient names.

Installed the .cer on the app service, which holds the Cloudflare public key.

On the application gateway, I have installed the same certificate as on the app service which has the same thumbprint.

I have attempted multiple variations of the certificate chain - the intermediate always seems to be missing.

What Is Happening:
I am getting 502 on my application gateway, the error message is as follows:

“The Intermediate certificate is missing from the backend server chain. Please ensure that the certificate chain is complete and correctly ordered on the backend server.”

The intermediate certificate does seem to be missing on the site, but the certificate is valid.

Not sure how to add this intermediate certificate or what I need to do. I do not see anything on Cloudflare that allows me to get it.

I have tried to troubleshoot using this documentation:

I am using an origin (strict) certificate:

I have downloaded:

In Azure, my certificate on the app service for SSL appears as follows:

Cloudflare Origin Certificate (followed by hostnames).

If possible, could I be told explicitly where to get each certificate in Cloudflare, what order they need to be in, and where to apply it in Azure if possible.

Thank you very much

There is no intermediate certificate. See the note at the bottom of the origin certificate page here…

You’ll need to use a certificate from Let’s Encrypt or another CA if your application requires a trusted certificate.
