locked
Azure Application Proxy: use certificate from key vault possible? RRS feed

  • Question

  • Hey All,

    we have an onPrem Wiki (Atlassian Confluence) made it available for external via Azure Active Directory Application Proxy:

    https://docs.microsoft.com/en-us/azure/active-directory/manage-apps/application-proxy

    We also implemented Let's Encrypt ACME Bot in Azure which we use to request/renew certificates and store them in Azure Key Vault:

    https://github.com/shibayan/keyvault-acmebot

    Question:

    Is it possible to access certificates stored in Azure Key Vault from Application Proxy?
    I only see the option to upload the pfx file.

    1. Currently we have to download the cert/key from key-vault
    2. protect it manually with a password via openssl command line tools (because key vault download doesn't support setting a password before exporting: WTH?)
    3. upload the pfx file to azure application proxy 

    Anyone know if its possible to assign certs from the key store to application proxy?

    Thanks a lot.


    Thursday, April 9, 2020 10:07 AM

All replies

  • No, it is not possible to store the certificates for Azure AD Proxy in Azure Key Vault and the certificates needs to be selected or uploaded from Azure portal blade.  I suggest you to please post this as a product feedback to at UserVoice. This will allow the community to up-vote and for the product team to include into their plans.
    Thursday, April 9, 2020 8:58 PM