2
votes

Azure has a simple way of adding an App Service Certificate to a Key Vault from the web interface. I did this and later I accidentally deleted the certificate from the Key Vault. The App Service Certificate resource is still there, but the certificate no longer shows up in my Key Vault (obviously).

Is there a way that I can re-add my App Service Certificate to my Key Vault?

Attached images:

The App Service Certificate still thinks it's been added to Key Vault:

[Image: the App Service Certificate says it's in Key Vault]

... but the cert is no longer available in the Key Vault:

[Image: the cert doesn't show up]

1
If you have the right permissions under 'Access policies', you should be able to import one with the 'Generate/Import' button, right? – rickvdbosch
From code inside your app, you can access the cert object and re-export it? – Thomas
App Service Certificate stores the private certificate in a user-provided Key Vault secret. When an App Service Certificate is deployed into a web app, a Web Apps resource provider deploys it from the Key Vault secret that's associated with the App Service Certificate. So, when you add an App Service Certificate to Azure Key Vault, you cannot see anything under the Certificate option. Refer to this article. – Joey Cai
I see, so the cert I deleted must've been another one. Okay, thanks @JoeyCai – Kris
I will update it as a reply. If it helps you, you could mark it as the answer to let others know. – Joey Cai

1 Answer

2
votes

App Service Certificate stores the private certificate into a user-provided Key Vault secret. When App Service Certificate is deployed into a web app, a Web Apps resource provider deploys it from the Key Vault secret that's associated with App Service Certificate.

So, when you add an App Service Certificate to Azure Key Vault, you cannot see anything under the Certificate option.

For more details, you could refer to this article.
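A check that follows from the answer above, as an added example that is not part of the original post: it looks for the App Service Certificate's backing object among the vault's secrets rather than its certificates. The JSON shapes (assumed to match `az resource show` on the certificate order and `az keyvault secret list` / `certificate list` / `secret list-deleted`), all names and the sample data are constructed assumptions.

```python
import json

# Constructed sample data (not from the original post). Field names are assumed
# to match `az resource show` on the App Service Certificate order and
# `az keyvault secret list`, `certificate list` and `secret list-deleted`.
CERT_ORDER = json.loads("""{
  "name": "example-cert-order",
  "properties": {"certificates": {"example-cert": {
    "keyVaultId": "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/example-rg/providers/Microsoft.KeyVault/vaults/example-vault",
    "keyVaultSecretName": "example-cert-secret"}}}
}""")
VAULT = {
    "secrets": [{"id": "https://example-vault.vault.azure.net/secrets/example-cert-secret",
                 "contentType": "application/x-pkcs12"}],
    "certificates": [],      # empty even though the certificate is stored in the vault
    "deleted_secrets": [],
}

def item_name(item):
    """Key Vault ids look like https://<vault>/<collection>/<name>[/<version>]."""
    return item["id"].split("/")[4]

def check_bindings(cert_order, vault):
    """Return the state of the Key Vault secret behind each certificate binding."""
    secrets = {item_name(s) for s in vault["secrets"]}
    certs = {item_name(c) for c in vault["certificates"]}
    deleted = {item_name(d) for d in vault["deleted_secrets"]}
    report = {}
    for name, binding in cert_order["properties"]["certificates"].items():
        secret = binding.get("keyVaultSecretName")
        if not secret:
            state = "not-linked"
        elif secret in secrets:
            state = "present-as-secret"
        elif secret in deleted:
            state = "soft-deleted"   # recoverable with `az keyvault secret recover`
        else:
            state = "missing"
        report[name] = {"secret": secret, "state": state,
                        "listed_under_certificates": secret in certs}
    return report

if __name__ == "__main__":
    print(json.dumps(check_bindings(CERT_ORDER, VAULT), indent=2))
```
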