Unable to disable publicNetworkAccess through ARM template
Hello, I have created a keyvault using arm template and when I add in the properties section: "properties": { "sku": { "family": "A", …
I changed my email and now I can't see my Key Vault
I have a VM in Azure running some web services. I use Azure Key Vault to generate an SSL certificate for secure comms. I had to change my email on my Azure account. My account was transferred by MS support, but the Key Vault says my Tenant ID has changed…
Unable connect Azure KeyVault from App Service using Azure client credentails
Hi Team, I have interesting issue that we are facing in our Production environment. We have AppService that hosts the APi, it connects the KeyVault using Service Principle. In Non-prod it was able to access the KeyVault using ServicePrinciple client…
Troubleshooting "The specified X.509 certificate content is invalid" Error When Importing to Azure Key Vault
I encountered the error "The specified X.509 certificate content is invalid. Error: One or more X.509 properties are invalid." while attempting to import a certificate from Cybersource into Azure Key Vault. The command used was: az keyvault…
Terraform: Add Key Vault Administrator Role Assignment and Save Outputs to JSON Dynamically in Azure
Hi everyone, I am using Terraform to provision an OpenAI service and its modules along with a Key Vault in Azure. While the OpenAI service setup works as expected, I am facing two challenges: Role Assignment for Key Vault I need to assign the Key…
How to let synapse pipeline identify a value as hexadecimal encoded text
Hello, I want to sign a JWT token using the signing functionality of Azure Key Vault and have generated a private key. I want to send a request to the Key Vault from Azure Synapse pipeline's Web component. The configuration of this web component is as…
Azure Key Vault Managed HSM - Security Domain Certificate Renewal
As documented by Azure, when activating an Azure Key Vault Managed HSM resource you must create a security domain by sending at least three RSA public keys to the HSM. My question is do the certificates/keys need to be updated prior to their set…
How to get Azure key/key vault region?
In cross tenant scenario, like this, how to check the key region with only key/key vault url? I want to use it in create disk encryption set, but it require in same region. And it cost a lot, take a while to create. is there any way to get the region?…
New EV code signing certificate stored in Azure Key Vault triggers windows smart screen warning on signed executables
We have used a GlobalSign issued EV code signing certificate since 2021 and it is due to expire at the end of August 2024. We use this certificate to sign our installer executables as part of our build system, the signing process uses the azuresigntool…
System-assigned Managed Identities fails to remove a KeyVault Access policies on a user
Hi everyone, please help me with a problem that is driving me crazy and I've been chasing it for 2 days without understanding where the problem lies, so I configured a : KeyVault in which I saved a test secret. I created a runbook inside a test…
Entra Key Vault Key Rotation Policy to Rotating the Storage Account Key
I created a Key Vault and granted my storage account the Key Vault Officer role. I then setup a rotation policy as outline in the article below. I see versions of keys listed in Key Vault but the last rotation time stamp on the storage account key is…
Azure Key Vault Certificate
I'm currently trying to build a workflow that work run this command automatically. Is there a way I can run this command without needing "az login"? az keyvault certificate import --vault-name "<your-key-vault-name>" -n…
Application settings in Azure Fucntion: AccessToKeyVaultDenied
Hello, To get the connection string of a Azure Storage in Azure Function, we are using the Applicationg Settings in the configuration menu. The problem is that we are receiving the following error: AccessToKeyVaultDenied --> Key Vault reference was…
Secret loading fails in Azure Data Factory Linked Services when I try to use Azure Key vault.
I am trying to allow ADF linked services to use the key vault but I am receiving the error below. I have set the ADF linked service as per below. You can also see I have tried many RBAC roles to try and get it to work.
Import certificate API for azure key vault
i am trying to import a certificate through REST API to azure key vault, via Postman. For that purpose, i have generated the bearer token via, "https://login.microsoftonline.com/tenant_ID/oauth2/token." I am having two headers, The…
Character restrictions when creating an EV Certificate in Key Vault
Hi, I am trying to create a certificate for code signing within azure key vault (Web Portal). Our official company name contains a + and - character. Is there a restriction using those for the Subject entry CN=... ? as soon as either of those…
Digital Signature error message
I have created a security certificate to go with software other people will download and use. The certificate will successfully install on the computer, however when its used and unspecified error occurs. (see below). The pfx file does not have a…
Problem: Azure Backup with Disk Encryption and Key Vault Permissions (RBAC)
I’m trying to back up a virtual machine with disk encryption (both OS and data disks) using Recovery Services Vault in Azure. The key used for disk encryption is stored in Azure Key Vault, and I'm using RBAC (Role-Based Access Control) for access…
Key Vault stored Token Rotation capability
Hi Team, There is a SFI requirement to disable the storage SAS key completely from storage account. However, we are now generating SAS token using delegation user key signing method via static website host alternative to store it into kv as a secret.…
How to resolve imported certificate is a self signed certificate error in AFD even though it is a certificate issued by a private CA?
First I created CA in key vault (issuer is OnecertV2-PrivateCA) then generated certificate with the domain name but when I try to add this certificate in AFD it gives the following error: 'cannot add secret as self signed certificate is not allowed in…