0

I am aware that I can Base64 encode a certificate and then import it as a txt file to an Azure KeyVault as a "Secret" of type "application/x-pkcs12" using Bicep or ARM templates.

However when I try to connect to my Key Vault from Application Gateway to use this certificate it doesn't show up in the dropdown of available certificates. I cannot find anything in the MS documentation to show this is supported?

I would like to do a fully automated deployment using bicep without having to use any Powershell or CLI scripts.

Josh L
  • 1,412
  • 2
  • 18
  • 40
  • 1
    Looking at the documentation it is not possible, you can only import secrets and keys using ARM/Bicep https://learn.microsoft.com/en-us/azure/templates/microsoft.keyvault/vaults?pivots=deployment-language-bicep – Thomas Aug 07 '22 at 20:15
  • 1
    you could always execute some cli command inside your arm using deployment scripts: https://learn.microsoft.com/en-us/azure/azure-resource-manager/templates/deployment-script-template – Thomas Aug 08 '22 at 04:04
  • Yea I think that's the option I am going to have to go with! Thanks for confirming :) – Josh L Aug 08 '22 at 21:02

1 Answers1

1

Thanks for confirming the solution @Josh L. Thank you @Thomas for the valuable insights posting it as an answer in community wiki to beneficial for other community members for the similar issue .

Workaround:-

Based on the MICROSOFT DOCUMENTATION:-

We can't do it which will list the certificate in dropdown to import the keyvault certificates, Instead of that we need to import secrets and keys using ARM/Bicep. Also we need to use cli cmdlts inside of our arm using deployment scripts.

For more information please refer the below links:-

AjayKumarGhose
  • 4,257
  • 2
  • 4
  • 15