Does Azure KeyVault support X509 certificates rekey option

Andriy Bilous 11,631 Reputation points MVP
2021-10-08T08:02:12.797+00:00

I have generated a self-signed RSA certificate in Azure KeyVault and enabled auto-renew feature.

When self-signed certificate is renewed automatically, public/private key pair is not rotated.

Is it possible to auto-renew self-signed certificate n Azure KeyVault using rekey option same as in Azure AppService Certificates?

138871-image.png

Azure Key Vault
Azure Key Vault
An Azure service that is used to manage and protect cryptographic keys and other secrets used by cloud apps and services.
1,370 questions
0 comments No comments
{count} votes

Accepted answer
  1. singhh-msft 2,431 Reputation points
    2021-10-08T09:07:03.567+00:00

    @Andriy Bilous , thank you for reaching out to us. As you have set auto renewal of self-signed certificate, you are seeing that the public/private key pair is not rotated by default.

    You can rotate it by updating the policy for your certificate in the key vault, where you can set ReuseKeyOnRenewal to false.

    Let me know if you have any follow-up questions.

    -----------------------------------------------------------------------------------------------------------

    Please "Accept the answer" and upvote if the information helped you. This will help us and others in the community as well.


0 additional answers

Sort by: Most helpful

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.