Failed to save the status of AppGW when creating an HTTPS protocol listener with a cert generated in Key Vault
When I try to add a listener for incoming HTTPS traffic with a self-signed cert that I generated in the key vault, the Application Gateway status cannot be saved successfully, no matter whether I associate it with a public frontend IP address or a private IP address.
I didn't recognize the failed state of the listener, which even led to my VMs in the backend pool not being able to start up successfully. I had to redeploy them eventually.
BTW, the listener for the HTTP protocol can be saved normally. I used the doc below to add the cert.
https://learn.microsoft.com/en-us/azure/application-gateway/key-vault-certs?WT.mc_id=Portal-Microsoft_Azure_HybridNetworking#key-vault-azure-role-based-access-control-permission-model