Category: Data, encryption

Storing, managing, and renewing certificates can be a hassle. Azure Key Vault can generate certificates and automatically renew them, which makes most of the concerns listed above a non-issue.

If you use openssl to generate a self-signed certificate and private key, by default it will spit out the key and certificate as two separate PEM files.

If you want to prevent the private key on a certificate from being exported, you can set an Advanced Policy Configuration to do this.

Importing and exporting third-party certificates to and from Key Vault is very simple.

The only potential “gotcha” to call out is the removal of the password on the file and private key when exporting a certificate from Key Vault.
