2
votes

I have created an Azure Service Fabric cluster secured by my self-signed certificate (of type DocumentEncryptionCert). I have followed this article from the documentation. I have created a key vault, uploaded the certificate there as a secret, and while configuring the Azure Service Fabric cluster I set the primary certificate for this cluster to the Key Vault secret. SF automatically uses this certificate to create the SSL channel, also when trying to access SF Explorer. I am getting an error that an untrusted certificate was used (even though I imported the certificate into the Trusted Root Certification Authorities store). That means I am not able to manage the cluster, nor even to deploy an application from Visual Studio, as it is also not able to connect to the cluster due to issues with the certificate.

My question is whether there is some special way in which the certificate for such a scenario has to be generated. I generated the certificate exactly the same way as stated in the article above:

New-SelfSignedCertificate -Type DocumentEncryptionCert -KeyUsage DataEncipherment -Subject mysfcertificate -Provider 'Microsoft Enhanced Cryptographic Provider v1.0'

Thank you.

1 Answer