What CA signs certificates when using Azure Key Vault with HSM to generate & store application PKI keys and certificates?

Marcus Serrao 1 Reputation point

Hi. Can anyone tell me what CA is used when I generate keys and get them signed within the Azure Key Vault? Also, do I have the ability to stand up a subordinate CA in Azure, leveraging Azure Key Vault with HSM to store my CA keys and where the sub CA keys are signed by an on-premise offline root CA? thanks! Marcus

Azure Key Vault
Azure Key Vault
An Azure service that is used to manage and protect cryptographic keys and other secrets used by cloud apps and services.
1,144 questions
Azure Dedicated HSM
Azure Dedicated HSM
An Azure service that provides hardware security module management.
26 questions
{count} votes

1 answer

Sort by: Most helpful
  1. Sam Cogan 10,322 Reputation points MVP

    When you generate a key in Azure Key Vault it is a self-signed key, it is not signed by any CA.

    0 comments No comments