Hello @Luca Sosa
Thanks for the input, ignore previous post... let's solve this issue!
Kindly let me know:
Application Gateway uses a managed identity to retrieve certificates from Key Vault on your behalf.
You can either create a new user-assigned managed identity or reuse an existing with the integration. To create a new user-assigned managed identity, see Create a user-assigned managed identity using the Azure portal.
Have you seen this:
https://learn.microsoft.com/en-us/azure/application-gateway/key-vault-certs#how-integration-works
....If you're using the permission model Vault access policy: Select Access Policies, select + Add Access Policy, select Get for Secret permissions, and choose your user-assigned managed identity for Select principal. Then select Save....
ALSO
As of March 15, 2021, Key Vault recognizes Application Gateway as a trusted service by leveraging User Managed Identities for authentication to Azure Key Vault. With the use of service endpoints and enabling the trusted services option for Key Vault's firewall, you can build a secure network boundary in Azure. You can deny access to traffic from all networks (including internet traffic) to Key Vault but still make Key Vault accessible for an Application Gateway resource under your subscription.
When you're using a restricted Key Vault, use the following steps to configure Application Gateway to use firewalls and virtual networks: ... rest on the LINK
--
I hope this helps!
Kindly mark the answer as Accepted and Upvote in case it helped!
Regards
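
The following check is an added example, not part of the answer above or of Microsoft's documentation. It audits a Key Vault definition, assumed to have the JSON shape returned by `az keyvault show`, for the settings the answer describes: Get on secrets for the managed identity, and, for a restricted vault, the trusted services bypass plus the Application Gateway subnet. The identity object ID, subnet ID and sample vault are constructed placeholders.

```python
# Constructed placeholders (assumptions): identity object ID and App Gateway subnet ID.
SAMPLE_ID = "00000000-0000-0000-0000-0000000000aa"
SAMPLE_SUBNET = ("/subscriptions/<sub-id>/resourceGroups/example-rg/providers/"
                 "Microsoft.Network/virtualNetworks/example-vnet/subnets/appgw-subnet")

# Constructed sample shaped like `az keyvault show` output.
SAMPLE_VAULT = {
    "name": "example-kv",
    "properties": {
        "enableRbacAuthorization": False,
        "accessPolicies": [
            {"objectId": SAMPLE_ID, "permissions": {"secrets": ["get"], "keys": []}}
        ],
        "networkAcls": {
            "defaultAction": "Deny",
            "bypass": "AzureServices",
            "virtualNetworkRules": [{"id": SAMPLE_SUBNET}],
        },
    },
}

def audit_vault(vault, identity_object_id, appgw_subnet_id):
    """Return a list of findings; an empty list means every check passed."""
    props = vault.get("properties") or {}
    findings = []
    if props.get("enableRbacAuthorization"):
        findings.append("vault uses Azure RBAC, so access policies are not evaluated")
    else:
        granted = set()
        for policy in props.get("accessPolicies") or []:
            if (policy.get("objectId") or "").lower() == identity_object_id.lower():
                perms = (policy.get("permissions") or {}).get("secrets") or []
                granted |= {p.lower() for p in perms}
        if "get" not in granted:
            findings.append("identity lacks Get on secrets")
        if granted - {"get"}:  # least privilege: the integration only needs Get
            findings.append("identity holds more than Get: " + ", ".join(sorted(granted - {"get"})))
    acls = props.get("networkAcls") or {}
    if (acls.get("defaultAction") or "Allow").lower() != "deny":
        findings.append("firewall default action is not Deny")
    else:
        if "azureservices" not in (acls.get("bypass") or "").lower():
            findings.append("trusted services bypass is off")
        rules = {(r.get("id") or "").lower() for r in acls.get("virtualNetworkRules") or []}
        if appgw_subnet_id.lower() not in rules:
            findings.append("Application Gateway subnet is not an allowed virtual network")
    return findings

if __name__ == "__main__":
    print(audit_vault(SAMPLE_VAULT, SAMPLE_ID, SAMPLE_SUBNET) or "all checks passed")
```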