I used self-signed certificate for my IS4. I followed the steps in here.
I tried using self-signed certificate and uploading the pfx file.New-SelfSignedCertificate -Subject "CN=certName" -CertStoreLocation "cert:LocalMachine\My"
With the following in appsetings.json:
"IdentityServer": { "Key": { "Type": "Store", "StoreName": "My", "StoreLocation": "CurrentUser", "Name": "CN=certName" } }
As described in the doc, I attached the certificate to the web app by setting configuration WEBSITE_LOAD_CERTIFICATES to the thumbprint from uploaded certificate. Setting it to * also didn't help. This is the same for certificates from Azure KeyVault.
But, from the logs it seems like the web app/IdentityServer couldn't get the certificate with the given subject.
System.InvalidOperationException: Couldn't find a valid certificate with subject 'CN=certName' on the 'CurrentUser\My'. The app couldn't start and throws 503.
I use Duende which is the latest version of IdentityServer. Did I miss something?