Can't renew a certificate because Key Vault is in read only mode

Steve Owen 40 Reputation points

Hi there. I've got a wildcard certificate that I have stored in two separate Azure Key Vaults, one based in West US 3 and the other in West EU.

I've managed to renew the US one, but each time I try to update the EU one through the portal it says, "The operation you are trying to perform is unavailable at the moment since Key Vault is in read only mode."

These are my own PFX files which I am uploading (the upload is successful).

There's nothing in the portal to say the Key Vault is in read-only mode, or why that would be. The two vaults seem identical in all other ways.

Azure Key Vault
Azure Key Vault
An Azure service that is used to manage and protect cryptographic keys and other secrets used by cloud apps and services.
712 questions
{count} votes

1 answer

Sort by: Most helpful
  1. JamesTran-MSFT 28,021 Reputation points Microsoft Employee

    @Steve Owen

    Thank you for your post!

    Error Message:
    The operation you are trying to perform is unavailable at the moment since Key Vault is in read only mode.

    I understand that you were running into the above error message whenever you tried to renew your certificate within the EU region. When looking into your error message, I found that there was an Azure Storage issue effecting West Europe between 08:00 UTC and 16:34 UTC on 06 March 2023.

    Azure status history:

    Impact Statement: Between 08:00 UTC and 16:34 UTC on 06 March 2023, a subset of customers with storage resources hosted in West Europe may have experienced issues accessing these resources. Azure Key Vault and other Azure services dependent on Azure Storage may have experienced intermittent failures and degraded performance due to this issue.

    Preliminary Root Cause: We determined that a service configuration update impacted a subset of scale units in the West Europe region.

    Mitigation: Impacted resources and services were mitigated as the service configuration update was reverted back to the previous state. These resources recovered by 16:34 UTC.

    Next Steps: We will follow up in 3 days with a preliminary Post Incident Report (PIR), which'll cover the main root cause and repair items. We'll follow that up 14 days later with a final PIR where we will share a deep dive into the incident.  

    If you're still experiencing issues, please let me know. Thank you for your time and patience throughout this issue.

    1 person found this answer helpful.