locked
Cannot import certificate into certain web apps RRS feed

  • Question

  • Currently we use an Azure environment with two different app service plans. In one of the two app service plans importing a Key Vault certificate in a web app works as expected. After opening the certificate on the Private Key Certificates (.pfx) page it shows that it is correctly linked to the key vault.

    In the other app service plan, after selecting the key vault certificate that should be imported into the web app, a message is shown indicating that it was succesfully imported.

    Sadly the certificate is not really imported(not available on the .pfx page) and not selectable in the add TLS/SSL binding menu. Both app service plans are in the same Resource Group and have the same pricing tier (S1 :1).

    Is this a bug?

    Thursday, February 6, 2020 2:07 PM

Answers

  • Yes, but I had contact with Microsoft support and we found out it was caused because the web-apps were originally created in seperate "Resource Groups" and later merged into one. The key vault can only access the apps created in the same resource group. 

    There is currently no solution for this; for now I have manually imported the certificate into all the inaccessible web apps.

    • Marked as answer by Brian_again Wednesday, May 6, 2020 6:07 AM
    Wednesday, May 6, 2020 6:07 AM

All replies

  • can you please provide details from where you get this certificate ?  Is this an App Service Certificate ? 
    Tuesday, February 11, 2020 9:42 PM
  • This is a third party wildcard certificate imported into the key vault. Do you need any other information?
    Thursday, February 13, 2020 7:21 AM
  • My apologies.  I, somehow missed this thread.  Are you still having this issue ?  

    Monday, May 4, 2020 11:04 PM
  • Yes, but I had contact with Microsoft support and we found out it was caused because the web-apps were originally created in seperate "Resource Groups" and later merged into one. The key vault can only access the apps created in the same resource group. 

    There is currently no solution for this; for now I have manually imported the certificate into all the inaccessible web apps.

    • Marked as answer by Brian_again Wednesday, May 6, 2020 6:07 AM
    Wednesday, May 6, 2020 6:07 AM