Is lets encrypt ssl certificate provided compatible with powerapps

Can we use the SSL certificate provided to powerapps , My client is getting below error

Does the certificate provided by let's encrypt meet the following conditions below.

Hi @sree1, and welcome to the LE community forum :slight_smile:

The highlighted lines are dependent on the ACME client or user interaction with the files and the service using them.

But, in general, yes; An LE cert should be valid for such use.

How was the PFX file created?

3 Likes

the Certificate was a single PEM file and we have converted using open ssl

How/where did you get that single .pem file?

3 Likes

they are using hostit provider for DNS hosting and on their console , it seems the lets encrypt is integrated with it . they got it using that console where their website is hosted.

this is the command client used to get the pfx
openssl pkcs12 -export -out sslcertificate_portal.pfx -in lets_Encrypt_portal.corecamcapital.com.pem -passout pass:xxxxxxxxx

If the .pem file is incomplete, or the conversion process didn't match the requirements, then Power Apps may not like it.

Hard to say from here what is going wrong.

4 Likes

do you recommend how the PEM file which has the private key inside the same file to be converted ?

Please show:
cat lets_Encrypt_portal.corecamcapital.com.pem | grep '\-\-\-'
OR
grep '\-\-\-' lets_Encrypt_portal.corecamcapital.com.pem

[this output won't show anything private]

3 Likes

ok. will check now and update you.

If the .pem file contains the cert/intermediate/private-key, it should output something like:

-----BEGIN CERTIFICATE-----
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
-----END CERTIFICATE-----
-----BEGIN PRIVATE KEY-----
-----END PRIVATE KEY-----

Anything less (esp. if no PRIVATE section) is questionable (at best) and incorrect/missing something (at worst).

3 Likes

C:\Program Files\OpenSSL-Win64\bin>openssl cat lets_Encrypt_portal.corecamcapital.com.pem | grep '---'
'grep' is not recognized as an internal or external command,
operable program or batch file.

this is the output , it did'nt work

Windows!

Edit the file and copy out the lines (in order) that contain "---".

3 Likes

I didn't ask for openssl - but it would have still failed to grep.

2 Likes

hi, my output post is pending for approval

it has begin certificate request and end certificate request
begin private key, end private key
begin certificate and end certificate twice

BEGIN CERTIFICATE
END CERTIFICATE
BEGIN CERTIFICATE
END CERTIFICATE
BEGIN PRIVATE KEY
END PRIVATE KEY
output for your requested question

1 Like

Are you still there ?

OK that part seems correct.
Now we need to verify the PFX conversion process.

3 Likes