Microsoft's New Power Pages SSL Requirements

I have recently moved my website to Microsoft’s new “Power Pages” platform. Your site can be developed on their temporary host and then moved to your own domain. But they require specific SSL certificates. If I have Cloudflare as my register, does the free SSL I received meet Microsoft’s requirements as outlined below? If not, what does? Thank you!

**"The SSL certificate must meet all the following requirements:

  • Signed by a trusted certificate authority.
  • [Exported] as a password-protected PFX file.
  • Contains private key at least 2048 bits long.
  • Contains all intermediate certificates in the certificate chain.
  • Must be SHA2 enabled; SHA1 support is being removed from popular browsers.
  • PFX file must be encrypted with TripleDES encryption. Power Apps portals doesn’t support AES-256 encryption.
  • Contains an [Extended Key Usage] for server authentication (OID = 1.3.6.1.5.5.7.3.1).

The steps to export SSL certificate as a password-protected PFX file may vary depending on your certificate provider. Check with your certificate provider for recommendation. For example, certain providers may suggest to use OpenSSL 3rd party tool from [OpenSSL] or [OpenSSL Binaries] sites."

** If you have not seen “Microsofts Power Pages” yet, you really should check it out. It’s a game-changer.

Cloudflare’s certificates that you see in a browser are Edge Certificates and cover User <--> Cloudflare.

Since it sounds like they’re referring to the certificate you put onto the origin, this would be either your own certificates you get from somewhere like Let’s Encrypt or similar. Cloudflare has Origin CA certificates for use on origins but they’re not publicly trusted since they are only for Cloudflare <--> Origin.

https://developers.cloudflare.com/ssl/origin-configuration/origin-ca/

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.