Terraform - Create Azure Application Targeting Two Web-Apps

I am using Terraform 1.5.5 to create an Azure Application Gateway (SKU-2) targeting two Azure web-apps under a custom domain. I need to use https in communication but am struggling around “app-gw” and “web-app” certificates and how to implement this in Terraform.

This article seems to suggest its straight forward.

End-to-end TLS with the v2 SKU

  1. Do I need to create a pfx certificate (in this case it will have to be a wildcard) to store in key-vault and then link to application gateway https listeners?

  2. I have created the Terraform that creates an Azure Managed Cert for each of the 2 web-apps and bound it to the custom domain. Are the “Application Gateway Cert.” and the “managed web-app certs.” all required? (if all certs. are required are they related?)