Can both the private and public key be exported from an Azure Key Vault and reused in an app for signing and encryption?

Question

Can both the private and public key be exported from an Azure Key Vault and reused in an app for signing and encryption?

Michael Herman (Web 7.0) 0

Can both the private and public key be exported from an Azure Key Vault and reused (imported) into a custom app to support data signing and encryption? ...I'm not refering to simple backup unless there is an API to restore the key pair into a standalone app with its own standalone key store (e.g. built with Windows secure storage).

Akshay-MSFT 17,931 Reputation points Microsoft Employee

2023-03-15T07:29:36.2666667+00:00
Hello Michael Herman (Web 7.0)

Thank you for posting your query in Microsoft Q&A. Please confirm what scenario are you following ?

Using a certificate for signing a custom package in visual studio? If yes then this could be achieved by following Sign packages with Azure Key Vault

If exporting the private and public certificate (which has been imported by you in past) and use it in an application via 3rd party tool ? Yes, you could export both public and private key from Key Vault: And use it with in a 3rd party application store, yes you could do that.

If creating a Key in Azure Key vault and then exporting it with private key ? No, it would only allow exporting public key regardless of imported or generated Key within KeyVault.

Please do let me know which of the above scenarios are you following?

Thanks,

Akshay Kaushik
Akshay-MSFT 17,931 Reputation points Microsoft Employee

2023-03-17T12:39:50.92+00:00

@Michael Herman (Web 7.0)

Hope you got a chance to review the action plan suggested above. Please do let me know if you have any queries in the comments section. If you don't have any further queries and the suggestion works as per your business need. Please "Accept the answer" and "share you feedback (Yes/No)". This will help us and others in the community as well.

Thanks,

Akshay Kaushik
Marilee Turscak-MSFT 37,186 Reputation points Microsoft Employee

2023-03-21T19:41:14.71+00:00

Hi @Michael Herman (Web 7.0) ,

Just checking to see if you were able to get the information you needed? If the answer helped you, please Accept the answer. This will help us as well as others in the community who might be researching similar issues. Otherwise let us know if you have further questions!

1 answer

Your answer

Akshay-MSFT 17,931 Reputation points Microsoft Employee

2023-03-15T07:29:36.2666667+00:00

Hello Michael Herman (Web 7.0)

Thank you for posting your query in Microsoft Q&A. Please confirm what scenario are you following ?

Using a certificate for signing a custom package in visual studio? If yes then this could be achieved by following Sign packages with Azure Key Vault

If exporting the private and public certificate (which has been imported by you in past) and use it in an application via 3rd party tool ? Yes, you could export both public and private key from Key Vault: And use it with in a 3rd party application store, yes you could do that.

If creating a Key in Azure Key vault and then exporting it with private key ? No, it would only allow exporting public key regardless of imported or generated Key within KeyVault.

Please do let me know which of the above scenarios are you following?

Thanks,

Akshay Kaushik
Akshay-MSFT 17,931 Reputation points Microsoft Employee

2023-03-17T12:39:50.92+00:00

@Michael Herman (Web 7.0)

Hope you got a chance to review the action plan suggested above. Please do let me know if you have any queries in the comments section. If you don't have any further queries and the suggestion works as per your business need. Please "Accept the answer" and "share you feedback (Yes/No)". This will help us and others in the community as well.

Thanks,

Akshay Kaushik
Marilee Turscak-MSFT 37,186 Reputation points Microsoft Employee

2023-03-21T19:41:14.71+00:00

Hi @Michael Herman (Web 7.0) ,

Just checking to see if you were able to get the information you needed? If the answer helped you, please Accept the answer. This will help us as well as others in the community who might be researching similar issues. Otherwise let us know if you have further questions!

Answer 1

@Michael Herman (Web 7.0)

Thank you for posting your query in Microsoft Q&A. Please confirm what scenario are you following ?

Using a certificate for signing a custom package in visual studio? If yes then this could be achieved by following Sign packages with Azure Key Vault
If exporting the private and public certificate (which has been imported by you in past) and use it in an application via 3rd party tool ? Yes, you could export both public and private key from Key Vault: And use it with in a 3rd party application store, yes you could do that.
If creating a Key in Azure Key vault and then exporting it with private key ? No, it would only allow exporting public key regardless of imported or generated Key within KeyVault.

Please do let me know which of the above scenarios are you following?

Thanks.

Akshay Kaushik

Please "Accept the answer" (Yes/No), and share your feedback if the suggestion works as per your business need. This will help us and others in the community as well.

Share via

Can both the private and public key be exported from an Azure Key Vault and reused in an app for signing and encryption?

1 answer

Your answer