Azure Key Vault
An Azure service that is used to manage and protect cryptographic keys and other secrets used by cloud apps and services.
1,286 questions
2 answers
not able to change access configuration policy
CODE InsufficientPermissions MESSAGE RAW ERROR Caller is not allowed to change permission model. For more information on how to change the permissions model follow this link: https://go.microsoft.com/fwlink/?linkid=2155160. Details:…
asked 2023-10-19T05:18:01.9833333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(313.6, 37%, 40%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EHG%3C/text%3E%3C/svg%3E)
himani ghildiyal
10
Reputation points
commented 2024-10-08T08:52:37.5133333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(256, 83%, 34%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EST%3C/text%3E%3C/svg%3E)
steeve thomar
1
Reputation point
0 answers
Access to read Key Vault using registered app user
Have registered an app called 'DevUAT' under Microsoft Entra Id. Created ClientID and Client Secret, Created a Key vault. Created secret and key Added 'DevUAT' to the key vault as owner When accessing the key vault and reading the secret get access…
asked 2024-10-08T00:30:16.1133333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(76.8, 8%, 17%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESN%3C/text%3E%3C/svg%3E)
Sanjay Narayan
0
Reputation points
asked 2024-10-08T00:30:16.1133333+00:00
Sanjay Narayan
0
Reputation points
0 answers
ERROR | Azure Key Vault access from Python application in Azure Kubernetes Service
I have a python application in AKS where I need to read the secrets from Azure key vault. I am using: credential = DefaultAzureCredential(logging_enable=True) client = SecretClient(vault_url=KV_URI, credential=credential) secret =…
asked 2024-09-30T21:17:29.92+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(252.8, 30%, 34%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EA%3C/text%3E%3C/svg%3E)
AT
0
Reputation points
commented 2024-10-07T23:15:30.53+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(166.4, 27%, 26%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ERP%3C/text%3E%3C/svg%3E)
Raja Pothuraju
6,440
Reputation points Microsoft Vendor
3 answers
One of the answers was accepted by the question author.
Application gateway listener error when trying to use key vault certificate using managed identity and RBAC
Hi, I'm trying to setup a listener in application gateway to use a certificate from keyvault using managed identity. But every time whne I choose in portal the managed identity and then select the key vault from the dropdown menu I get this error: …
asked 2021-10-08T06:19:49.1+00:00
Martin Cangar
31
Reputation points
commented 2024-10-07T20:20:03.8566667+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(12.8, 46%, 11%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EDU%3C/text%3E%3C/svg%3E)
Dhruvil Upadhyay
0
Reputation points
1 answer
One of the answers was accepted by the question author.
Could someone supply a comprehensive list of files that can be digitally signed with Azure Sign Tool using Azure Key Vault?
Is there a comprehensive list of all files that could be digital signed? For example: .dll, .exe, .cab, ect...
Azure Key Vault
Azure Key Vault
An Azure service that is used to manage and protect cryptographic keys and other secrets used by cloud apps and services.
1,286 questions
Windows
Windows
A family of Microsoft operating systems that run across personal computers, tablets, laptops, phones, internet of things devices, self-contained mixed reality headsets, large collaboration screens, and other devices.
5,389 questions
asked 2023-08-23T19:40:25.8333333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(140.8, 84%, 23%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ERC%3C/text%3E%3C/svg%3E)
Rusty Crabbs
65
Reputation points
commented 2024-10-07T19:30:45.0633333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(118.4, 52%, 21%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EAI%3C/text%3E%3C/svg%3E)
Alex Ivanoff
0
Reputation points
0 answers
Cloud Service and Keyvault are in different subscriptions
I am using KeyVaultExtension to CSES in my deployment arm template to download and install the certificate automatically by following the doc Apply the Key Vault VM extension in Azure Cloud Services (extended support) | Microsoft Learn This is where…
asked 2024-10-07T17:45:33.0166667+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(16, 82%, 11%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EFM%3C/text%3E%3C/svg%3E)
Foram Mehta
0
Reputation points Microsoft Employee
asked 2024-10-07T17:45:33.0166667+00:00
Foram Mehta
0
Reputation points Microsoft Employee
1 answer
One of the answers was accepted by the question author.
Unable to create a cert in Azure keyvault
I am attempting to create a new cert in Azure Keyvault and it continues to fail. I am a keyvault admin and certificate officer for the keyvault and I created the access policy and gave the account full permission (following the link included…
asked 2024-10-04T17:20:45.5966667+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(121.6, 27%, 21%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EDB%3C/text%3E%3C/svg%3E)
Dan Bottiger
20
Reputation points
edited the question 2024-10-07T13:09:40.77+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(0, 59%, 10%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EJM%3C/text%3E%3C/svg%3E)
JananiRamesh-MSFT
27,176
Reputation points
1 answer
Is it safe to add the global "Microsoft Azure App Service" to Key Vault Role Assignments
Unfortunately, it seems that KeyVault Certificates are currently still in an unstable state where RBAC is not properly implemented. Further details of the specifics and a solution to the problem can be seen here…
asked 2024-09-25T12:45:50.4366667+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(44.800000000000004, 6%, 14%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ERD%3C/text%3E%3C/svg%3E)
Robbie Dyer
0
Reputation points
commented 2024-10-07T06:11:20.8166667+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(278.4, 45%, 36%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EA%3C/text%3E%3C/svg%3E)
Akhilesh
9,515
Reputation points Microsoft Vendor
1 answer
Why do I get the error "Signing failed with error 800B0106" when signing an Office file including VBA project with a self-signed certificate?
Hi, I have created a self-signed certificate in Azure Key Vault (4k key, default settings). I can use it to sign exe files, but I get the error "Signing failed with error 800B0106" when trying to sign an Excel XLSM file including VBA scripts.…
asked 2024-09-30T06:01:06.1166667+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(67.2, 73%, 16%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ETM%3C/text%3E%3C/svg%3E)
Tamas Meszaros
0
Reputation points
commented 2024-10-06T11:54:05.9266667+00:00
Vinodh247
20,796
Reputation points
0 answers
how to connect to Azure Key Vault using CSI driver in an Azure Kubernetes Service (AKS) cluster
I followed this post https://video2.skills-academy.com/en-us/azure/service-connector/tutorial-python-aks-keyvault-csi-driver?tabs=azure-portal It is ok with KV secret, but I want to use the KV cert. I got the error message: The certificate certificate does not…
1 answer
How to create a new API connection inside Azure logic app flow using the credentials from Azure Key vault
I have an azure logic app that needs to send message using Twilio connector. How to get the Account ID and Access token to establish connection with Twilio from the Key vault? Currently I am using the connector directly in the logic app where it…
asked 2024-09-25T12:25:14.46+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(252.8, 45%, 34%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ENB%3C/text%3E%3C/svg%3E)
Nandhini Balasubramanian
20
Reputation points
commented 2024-10-05T12:11:50.6233333+00:00
Akhilesh
9,515
Reputation points Microsoft Vendor
1 answer
Access policies not available
I am getting 'Access policies not available' in key vault > access policies..... I assigned all key vault related....... roles..... I changed permission model to vault access policy" also from Access configuration. still getting same issue..…
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(19.2, 86%, 11%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3E6%3C/text%3E%3C/svg%3E)
1 answer
One of the answers was accepted by the question author.
How to decommission an old Root CA and Issuing CA after the new ones are already in live
I wanted to remove or decommission the old Root CA and the issuing CA. Already have the new Root CA and the issuing CA. Wanted to know the step by step process how to check the live certificates in the old CAs and then decommission them.
asked 2024-10-01T08:27:33.8066667+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(217.60000000000002, 52%, 31%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EVP%3C/text%3E%3C/svg%3E)
Vishnu Priya
20
Reputation points
accepted 2024-10-04T08:57:36.97+00:00
Vishnu Priya
20
Reputation points
1 answer
Azure Machine Learning workspace cannot access Datastore, Container Registry
Hi, I have created an Azure Machine Learning workspace, giving it a user-assigned identity. This identity has both a contributor role over the whole resource group, and a Key Vault Secrets Officer role over the key vault used by the AML workspace It was…
asked 2024-09-19T16:35:55.04+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(0, 44%, 10%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EVS%3C/text%3E%3C/svg%3E)
Vengathesa Sarma, Satya
5
Reputation points
edited an answer 2024-10-04T06:33:55.2833333+00:00
romungi-MSFT
45,961
Reputation points Microsoft Employee
0 answers
"Successfully imported Key Vault Certificate, but failed to configure SSL binding"
I have a number of certificates in my Azure Key Vault, which were all generated the same way. I also have a number of Web App Services, which were all created the same way. But sometimes, when I add a custom domain to an App Service, and then try to bind…
asked 2024-10-03T22:26:02.0266667+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(304, 92%, 39%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ELR%3C/text%3E%3C/svg%3E)
Lee Reams
0
Reputation points
commented 2024-10-04T06:30:11.27+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(128, 95%, 22%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESM%3C/text%3E%3C/svg%3E)
Steve Morgan
0
Reputation points
1 answer
Azure Marketplace Application offering with secrets for Container Registry access
I'm creating an Azure Marketplace Application offering that includes the provisioning of Azure Container Apps to customers' tenants. These Container Apps must pull their image from an Azure Container Registry on my tenant (publisher). I have trouble…
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(60.8, 57.99999999999999%, 15%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EA%3C/text%3E%3C/svg%3E)
2 answers
Failed to add the secret in Azure Front Door - BYOC
I am trying to setup a custom domain in azure front door for a wildcard domain. Also I have Import the certificate for the wildcard ssl in key vault as well . But when I am trying to add the secrets in the Azure Front Door I am getting this error…
asked 2024-09-23T07:59:53.64+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(28.799999999999997, 62%, 12%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ECU%3C/text%3E%3C/svg%3E)
Chandravir Umath
0
Reputation points
commented 2024-10-03T13:27:23.7266667+00:00
Akhilesh
9,515
Reputation points Microsoft Vendor
2 answers
Azure Keyvault: The operation is not allowed by RBAC.
Hi, I am the owner of the subscription, i have created the azure keyvault and when I am trying to add a new secret, I get the following error message. The operation is not allowed by RBAC. If role assignments were recently changed, please wait…
asked 2023-09-17T04:23:34.2066667+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(275.2, 28.000000000000004%, 36%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EDA%3C/text%3E%3C/svg%3E)
Dat AU DUONG
380
Reputation points
commented 2024-10-03T13:19:29.0666667+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(268.8, 51%, 36%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EAG%3C/text%3E%3C/svg%3E)
Atif Ghayas Siddiqui
0
Reputation points
4 answers
data factory managed identity is not being identified as a trusted service by keyvault
We have an issue with an ADF pipeline, when attempting to reach a secret from a KV in the same RG, the connection fails with the following error: "Client address is not authorized, and caller is not a trusted service" The setup is made…
asked 2024-07-23T21:23:39.3533333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(38.4, 10%, 13%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ERM%3C/text%3E%3C/svg%3E)
Reyes Monsalve, Ruben Dario
31
Reputation points
commented 2024-10-03T12:23:31.75+00:00
Reyes Monsalve, Ruben Dario
31
Reputation points
1 answer
Key vault for Application gateway and App service
Hi, I have certificate from Well known CA and its been use by Application Gateway and App service. The application is working fine. My query is about Key Vault. Shall we create 2 different key vault 1x for Application Gateway and 1x for App service…
asked 2024-09-05T08:22:35.5033333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(179.20000000000002, 52%, 27%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EKP%3C/text%3E%3C/svg%3E)
kaushal parab
26
Reputation points
edited the question 2024-10-03T08:32:19.4766667+00:00
KapilAnanth-MSFT
45,121
Reputation points Microsoft Employee