Add certificates to integration accounts for securing messages in workflows with Azure Logic Apps

Applies to: Azure Logic Apps (Consumption + Standard)

When you need to exchange confidential messages in a logic app business-to-business (B2B) workflow, you can increase the security around this communication by using certificates. A certificate is a digital document that helps secure communication in the following ways:

  • Checks the participants' identities in electronic communications.

  • Encrypts message content.

  • Digitally signs messages.

You can use the following certificate types in your workflows:

If you're new to logic apps, review What is Azure Logic Apps? For more information about B2B enterprise integration, review B2B enterprise integration workflows with Azure Logic Apps and Enterprise Integration Pack.

Prerequisites

Use a public certificate

To use a public certificate in your workflow, you have to first add the certificate to your integration account.

  1. In the Azure portal search box, enter integration accounts, and select Integration accounts.

  2. Under Integration accounts, select the integration account where you want to add your certificate.

  3. On the integration account menu, under Settings, select Certificates.

  4. On the Certificates pane, select Add.

  5. On the Add Certificate pane, provide the following information about the certificate:

    Property Required Value Description
    Name Yes <certificate-name> Your certificate's name, which is publicCert in this example
    Certificate Type Yes Public Your certificate's type
    Certificate Yes <certificate-file-name> To browse for the certificate file that you want to add, select the folder icon next to the Certificate box. Select the certificate that you want to use.

    Screenshot showing the Azure portal and integration account with "Add" selected and the "Add Certificate" pane with public certificate details.

  6. When you're done, select OK.

    After Azure validates your selection, Azure uploads your certificate.

    Screenshot showing the Azure portal and integration account with the public certificate in the "Certificates" list.

Use a private certificate

To use a private certificate in your workflow, you have to first meet the prerequisites for private keys, and add a public certificate to your integration account.

  1. In the Azure portal search box, enter integration accounts, and select Integration accounts.

  2. Under Integration accounts, select the integration account where you want to add your certificate.

  3. On the integration account menu, under Settings, select Certificates.

  4. On the Certificates pane, select Add.

  5. On the Add Certificate pane, provide the following information about the certificate:

    Property Required Value Description
    Name Yes <certificate-name> Your certificate's name, which is privateCert in this example
    Certificate Type Yes Private Your certificate's type
    Certificate Yes <certificate-file-name> To browse for the certificate file that you want to add, select the folder icon next to the Certificate box. Select the public certificate that corresponds to the private key that's stored in your key vault.
    Resource Group Yes <integration-account-resource-group> Your integration account's resource group, which is Integration-Account-RG in this example
    Key Vault Yes <key-vault-name> Your key vault name
    Key name Yes <key-name> Your key name

    Screenshot showing the Azure portal and integration account with "Add" selected and the "Add Certificate" pane with private certificate details.

  6. When you're done, select OK.

    After Azure validates your selection, Azure uploads your certificate.

    Screenshot showing the Azure portal and integration account with the private certificate in the "Certificates" list.

Next steps