Does Azure KeyVault support X509 certificates rekey option

Andriy Bilous 11,176 Reputation points

I have generated a self-signed RSA certificate in Azure KeyVault and enabled auto-renew feature.

When self-signed certificate is renewed automatically, public/private key pair is not rotated.

Is it possible to auto-renew self-signed certificate n Azure KeyVault using rekey option same as in Azure AppService Certificates?


Azure Key Vault
Azure Key Vault
An Azure service that is used to manage and protect cryptographic keys and other secrets used by cloud apps and services.
1,179 questions
0 comments No comments
{count} votes

Accepted answer
  1. singhh-msft 2,431 Reputation points

    @Andriy Bilous , thank you for reaching out to us. As you have set auto renewal of self-signed certificate, you are seeing that the public/private key pair is not rotated by default.

    You can rotate it by updating the policy for your certificate in the key vault, where you can set ReuseKeyOnRenewal to false.

    Let me know if you have any follow-up questions.


    Please "Accept the answer" and upvote if the information helped you. This will help us and others in the community as well.

0 additional answers

Sort by: Most helpful