Document Details
Self Signed Certificates
❌
This page contains Windows bias
About This Page
This page is part of the Azure documentation. It contains code examples and configuration instructions for working with Azure services.
Bias Analysis
Bias Types:
⚠️
windows_first
⚠️
powershell_heavy
⚠️
windows_tools
⚠️
missing_linux_example
Summary:
The documentation demonstrates a moderate Windows bias. While the main certificate generation workflow uses OpenSSL (cross-platform), Windows tools and patterns are frequently mentioned first or exclusively. The IIS section is more detailed than Linux alternatives, and the only automation example for uploading certificates to Application Gateway is in Azure PowerShell, with no Azure CLI (cross-platform) or ARM/Bicep alternatives. The hosts file editing link is Windows-specific, and some instructions assume a Windows file path structure.
Recommendations:
- Provide Azure CLI examples alongside or before Azure PowerShell for certificate upload and configuration, as CLI is cross-platform.
- Include Linux/macOS-specific instructions for editing the hosts file (e.g., /etc/hosts), not just a Windows link.
- Balance the web server configuration sections: give equal detail for Apache and NGINX as for IIS, including links to official documentation for Linux.
- Use neutral file path examples (e.g., ~/Downloads/contoso.cer or /home/user/contoso.cer) instead of Windows paths (C:\Users\...).
- Mention that OpenSSL is available on macOS as well as Linux and Windows.
- If referencing GUI tools or wizards, ensure Linux alternatives are mentioned or clarify if they are Windows-only.
Create pull request
Scan History
| Date | Scan ID | Status | Bias Status |
|---|---|---|---|
| 2025-09-12 00:00 | #109 | completed | ✅ Clean |
| 2025-08-12 00:00 | #78 | in_progress | ❌ Biased |
| 2025-08-11 00:00 | #77 | completed | ❌ Biased |
| 2025-08-10 00:00 | #76 | completed | ❌ Biased |
| 2025-08-09 00:00 | #75 | completed | ❌ Biased |
| 2025-08-08 00:00 | #74 | completed | ❌ Biased |
| 2025-08-07 00:00 | #73 | completed | ❌ Biased |
| 2025-08-06 00:00 | #72 | completed | ❌ Biased |
| 2025-08-05 00:00 | #71 | completed | ❌ Biased |
| 2025-08-04 00:00 | #70 | in_progress | ❌ Biased |
| 2025-08-03 00:00 | #69 | completed | ❌ Biased |
| 2025-08-02 00:00 | #68 | in_progress | ✅ Clean |
| 2025-08-01 00:00 | #67 | completed | ❌ Biased |
| 2025-07-31 00:00 | #66 | completed | ✅ Clean |
| 2025-07-30 00:00 | #65 | completed | ✅ Clean |
| 2025-07-29 00:01 | #64 | completed | ✅ Clean |
| 2025-07-28 00:00 | #63 | completed | ✅ Clean |
| 2025-07-27 00:00 | #62 | completed | ✅ Clean |
| 2025-07-26 00:01 | #61 | completed | ✅ Clean |
| 2025-07-13 21:37 | #48 | completed | ❌ Biased |
| 2025-07-09 13:09 | #3 | cancelled | ✅ Clean |
| 2025-07-08 04:23 | #2 | cancelled | ❌ Biased |
Flagged Code Snippets
## Add the trusted root certificate to the Application Gateway
$gw=Get-AzApplicationGateway -Name appgwv2 -ResourceGroupName rgOne
Add-AzApplicationGatewayTrustedRootCertificate `
-ApplicationGateway $gw `
-Name CustomCARoot `
-CertificateFile "C:\Users\surmb\Downloads\contoso.cer"
$trustedroot = Get-AzApplicationGatewayTrustedRootCertificate `
-Name CustomCARoot `
-ApplicationGateway $gw
## Get the listener, backend pool and probe
$listener = Get-AzApplicationGatewayHttpListener `
-Name basichttps `
-ApplicationGateway $gw
$bepool = Get-AzApplicationGatewayBackendAddressPool `
-Name testbackendpool `
-ApplicationGateway $gw
Add-AzApplicationGatewayProbeConfig `
-ApplicationGateway $gw `
-Name testprobe `
-Protocol Https `
-HostName "www.fabrikam.com" `
-Path "/" `
-Interval 15 `
-Timeout 20 `
-UnhealthyThreshold 3
$probe = Get-AzApplicationGatewayProbeConfig `
-Name testprobe `
-ApplicationGateway $gw
## Add the configuration to the HTTP Setting and don't forget to set the "hostname" field
## to the domain name of the server certificate as this will be set as the SNI header and
## will be used to verify the backend server's certificate. Note that TLS handshake will
## fail otherwise and might lead to backend servers being deemed as Unhealthy by the probes
Add-AzApplicationGatewayBackendHttpSettings `
-ApplicationGateway $gw `
-Name testbackend `
-Port 443 `
-Protocol Https `
-Probe $probe `
-TrustedRootCertificate $trustedroot `
-CookieBasedAffinity Disabled `
-RequestTimeout 20 `
-HostName www.fabrikam.com
## Get the configuration and update the Application Gateway
$backendhttp = Get-AzApplicationGatewayBackendHttpSettings `
-Name testbackend `
-ApplicationGateway $gw
Add-AzApplicationGatewayRequestRoutingRule `
-ApplicationGateway $gw `
-Name testrule `
-RuleType Basic `
-BackendHttpSettings $backendhttp `
-HttpListener $listener `
-BackendAddressPool $bepool
Set-AzApplicationGateway -ApplicationGateway $gw