Skip to content

az network application-gateway ssl-cert create nnot working with KV certificates #28835

Open
Open
az network application-gateway ssl-cert create nnot working with KV certificates#28835
Assignees
necusjz
Labels
Auto-AssignAuto assign by botNetworkaz network vnet/lb/nic/dns/etc...Service AttentionThis issue is responsible by Azure service team.act-quality-productivity-squadcustomer-reportedIssues that are reported by GitHub users external to the Azure organization.questionThe issue doesn't require a change to the product in order to be resolved. Most issues start as that
Milestone
Backlog
@svaraksin-gd

Description

@svaraksin-gd
svaraksin-gd
opened on Apr 25, 2024

Describe the bug

az network application-gateway ssl-cert create --gateway-name *** --name test-cert --resource-group *** --key-vault-secret-id "https://***.vault.azure.net/certificates/certificate-name" returns the following error:

Message: SecretId 'https://***.vault.azure.net/certificates/certificate-nam' specified in '/subscriptions/***/resourceGroups/***/providers/Microsoft.Network/applicationGateways/***/sslCertificates/test-cert' is invalid. Reason: The specified Key Vault URI doesn't properly reference a secret. A valid Key Vault URI should be in the following format: https://{keyvaultname}.{keyvaultdomain}/secrets/{secretname}. A secret version may optionally be appended as well.

But as per az cli documentation:
image

Related command

az network application-gateway ssl-cert create

Errors

above

Issue script & Debug output

above

Expected behavior

Allow use certificates from KeyVault Certificate store

Environment Summary

azure-cli 2.59.0

core 2.59.0
telemetry 1.1.0

Dependencies:
msal 1.27.0
azure-mgmt-resource 23.1.0b2

Python location '/opt/az/bin/python3'
Extensions directory '/home/runner/.azure/cliextensions'

Python (Linux) 3.11.8 (main, Mar 27 2024, 04:03:04) [GCC 11.4.0]

Legal docs and information: aka.ms/AzureCliLegal

Your CLI is up-to-date.

Additional context

above

Metadata

Metadata

Assignees

Labels

Auto-AssignAuto assign by botNetworkaz network vnet/lb/nic/dns/etc...Service AttentionThis issue is responsible by Azure service team.act-quality-productivity-squadcustomer-reportedIssues that are reported by GitHub users external to the Azure organization.questionThe issue doesn't require a change to the product in order to be resolved. Most issues start as that

Type

No type

Projects

No projects

Milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions