This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(144, 45%, 23%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ER%3C/text%3E%3C/svg%3E)
Hi,
When I import a PFX certificate into Azure Key Vault the import succeeds, but the certificate does not show the Issuer, Subject, Serial No etc.
I have verified the certificate is valid and imports correctly into App Service or when imported on a local machine.
Any ideas on why it is failing?
Thanks!
@Richie
Thank you for your post!
If you have any other questions, please let me know.
Thank you for your time and patience throughout this issue.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(118.4, 70%, 21%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ER%3C/text%3E%3C/svg%3E)
Hi James, thanks for replying!
The certificate was uploaded using the Fluent Management API via an app registration. The api permissions are all set to have full access enabled. If I try importing the PFX directly via the Portal the same outcome happens :-(
The additional info populated is:
The certificate is for use on a Web App. If I try to select the certificate from the Key Vault via the Web App, the import fails. If I upload it directly to the Web App, the import works perfectly - all the details display, and the certificate binds successfully.
The hashing algorithm used to sign the PFX file is ES256
https://learn.microsoft.com/en-us/azure/key-vault/keys/about-keys-details
Thanks for your help!
Private key must be signed with an RSA algorithm. I changed to RS256 and it now works in Key Vault.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(249.60000000000002, 99%, 34%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ENC%3C/text%3E%3C/svg%3E)
Thanks Richie! I had a similar problem, I used Letsencrypt certbot, that uses ECDSA private keys by default, instead of RSA 4096. Once I used RSA type for the key, it solved my problem.