Hello @EnterpriseArchitect,
Thank you for posting your query on Microsoft Q&A.
Please correct me if I have misunderstood your ask: you want to replace the wildcard SSL certificate stored in Key Vault with an Azure App Service certificate.
Before providing the solution, I would like more details on the points below.
1. Was the existing certificate purchased as an Azure App Service Certificate, and was auto-renewal enabled? If so, you can reuse the same certificate.
2. You mentioned that the existing wildcard Azure App Service Certificate is saved or exported to Azure Key Vault and that, on the App Service Certificate | Export Certificate page, when you click the Open Key Vault Secret link, the CURRENT VERSION certificate thumbprint does not match. Could you provide screenshots for clarity?
Additionally, here are a few steps to avoid maximum downtime:
1. Purchase the certificate from Azure service certificate.
2. To start the process, select Rekey. This process can take 1-10 minutes to complete.
3. You might also be required to reconfirm domain ownership. For more info, please refer to https://learn.microsoft.com/en-us/azure/app-service/configure-ssl-app-service-certificate?tabs=portal
4. After the rekey operation completes, select Sync.
5. Upload it to Key Vault.
6. Verify the certificate binding:
   - Ensure that the new certificate is correctly bound to your App Service.
   - Check the certificate thumbprint to confirm it matches the new certificate.
7. Monitor and validate:
   - Monitor your application to ensure there are no issues with the new certificate.
   - Validate that the new certificate is being used by accessing your application and checking the certificate details in the browser.
8. Once you have confirmed that the new certificate is working correctly, you can remove the old certificate version from Key Vault to avoid confusion.
For more details, please refer to https://learn.microsoft.com/en-us/azure/app-service/configure-ssl-app-service-certificate?tabs=portal
https://learn.microsoft.com/en-us/azure/app-service/configure-ssl-certificate?tabs=apex%2CRBAC
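
The thumbprint check in the verification steps can be scripted. The following is an added example, not part of the original answer and not Microsoft tooling: it compares the SHA-1 thumbprint of the certificate a site actually serves with the thumbprint expected for the new certificate. All function names and the script name are hypothetical, and the host name and expected thumbprint are supplied by whoever runs it.

```python
import hashlib
import socket
import ssl
import sys

# Separators and invisible marks that tools and copy-paste add to thumbprints.
_NOISE = ": -\t\r\n\u200e\u200f"


def normalize_thumbprint(value: str) -> str:
    """Return the thumbprint as 40 upper-case hex characters or raise ValueError."""
    cleaned = "".join(ch for ch in value if ch not in _NOISE).upper()
    if len(cleaned) != 40 or any(ch not in "0123456789ABCDEF" for ch in cleaned):
        raise ValueError(f"not a SHA-1 thumbprint: {value!r}")
    return cleaned


def thumbprint_from_der(der: bytes) -> str:
    """SHA-1 over the DER-encoded certificate, i.e. the certificate thumbprint."""
    return hashlib.sha1(der).hexdigest().upper()


def served_thumbprint(host: str, port: int = 443, timeout: float = 10.0) -> str:
    """Thumbprint of the leaf certificate the site presents for this host name."""
    context = ssl.create_default_context()  # chain and host name are verified
    with socket.create_connection((host, port), timeout=timeout) as sock:
        with context.wrap_socket(sock, server_hostname=host) as tls:
            return thumbprint_from_der(tls.getpeercert(binary_form=True))


def thumbprints_match(expected: str, actual: str) -> bool:
    """Compare two thumbprints regardless of case, colons, spaces or hidden marks."""
    return normalize_thumbprint(expected) == normalize_thumbprint(actual)


if __name__ == "__main__":
    # Usage (hypothetical script name): check_thumbprint.py HOST EXPECTED_THUMBPRINT
    if len(sys.argv) != 3:
        sys.exit("usage: check_thumbprint.py HOST EXPECTED_THUMBPRINT")
    host, expected = sys.argv[1], sys.argv[2]
    actual = served_thumbprint(host)
    print(f"{host}: served {actual}, expected {normalize_thumbprint(expected)}")
    sys.exit(0 if thumbprints_match(expected, actual) else 1)
```

A non-zero exit code means the site is still serving a certificate other than the expected one, so the old Key Vault version should not be removed yet.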