How to update EV code signing certificate saved in the Azure Key Vault

Jad El-khoury 20 Reputation points
2024-01-11T13:37:37.81+00:00

I have recently imported an EV code signing certificate into the Azure Key Vault. For a reason (irrelevant here maybe), I needed to update this certificate. I have already managed to get the certificate reissued from my CA (reissue-certificate-client-digital-certificatesto reissue) I am however having problems importing/updating my Keyvault certificate wit the new one. Is it even possible? I have tried to create a new version. But that process seems to assume I need to start all over again, by creating a new CSR, etc. https://learn.microsoft.com/en-us/azure/key-vault/certificates/overview-renew-certificate?tabs=azure-portal The reissuing order (from GlobalSign) assumes that I have the same CSR.

Azure Key Vault
Azure Key Vault
An Azure service that is used to manage and protect cryptographic keys and other secrets used by cloud apps and services.
1,368 questions
0 comments No comments
{count} votes

Accepted answer
  1. Alfredo Revilla - Upwork Top Talent | IAM SWE SWA 27,491 Reputation points
    2024-01-12T23:00:16.46+00:00

    Hello @Jad El-khoury , as you discovered, to renew a non-integrated certificate in Azure Key Vault, that is certificate that was not generated by a partened CA integration, you will need to provide your CA with the CSR generated by Azure. My recommendation is to explain to GlobalSign the situation so that they can confirm if they can internally renew it using the provided CSR.

    Let us know if you need additional assistance. If the answer was helpful, please accept it and rate it so that others facing a similar issue can easily find a solution.

    1 person found this answer helpful.

0 additional answers

Sort by: Most helpful

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.