question

SushilYadav-4793 avatar image
0 Votes"
SushilYadav-4793 asked sikumars commented

Azure key vault to manage certificates

Hello, I am having an Azure key-vault store and a CA trust root certificate provided by the trust authority - Sectigo. Now, I want to upload this certificate in my key-vault store. However, it says 'Private key is not specified in the specified X.509 PEM certificate content. Please specify private key in the X.509 PEM certificate content.' Can someone please help me out on this ? This PEM file I have created from the .CRT file provided by the CA trust authority Sectigo, using openssl command. Please let me know if I am missing anything here. @sauravmishra-msft would appreciate your help. Thanks in advance.

azure-key-vault
· 1
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

Just checking in to see if the below answer helped. If this answers your query, please don’t forget to click "Accept the answer" and Up-Vote for the same, which might be beneficial to other community members reading this thread. And, if you have any further query do let us know.
Thanks,

0 Votes 0 ·

1 Answer

sikumars avatar image
0 Votes"
sikumars answered

Hello @SushilYadav-4793,

Thanks for reaching out.

Azure Key Vault supports .pem and .pfx certificate files for importing Certificates into Key vault. We support the following type of Import for PEM file format. A single PEM encoded certificate along with a PKCS#8 encoded, unencrypted key which has the following

-----BEGIN CERTIFICATE----- -----END CERTIFICATE-----

-----BEGIN PRIVATE KEY----- -----END PRIVATE KEY-----

When you are importing the certificate, you need to ensure that the key is included in the file itself. If you have the private key separately in a different format, you would need to combine the key with the certificate. Some certificate authorities provide certificates in different formats, therefore before importing the certificate, make sure that they are either in .pem or .pfx format.

Note: A certificate in .pem format, the private part should not be encrypted with RSA

For more information, read https://docs.microsoft.com/en-us/azure/key-vault/certificates/certificate-scenarios#import-a-certificate

Hope this helps.


Please "Accept the answer" if the information helped you. This will help us and others in the community as well.

5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.