356 questions
36
votes
6
answers
80k
views
Azure key vault: access denied
I have the following code for obtaining a secret from the Azure key vault:
public static async Task<string> GetToken(string authority, string resource, string scope)
{
var ...
- 4,581
9
votes
3
answers
31k
views
Using KeyVault secrets to override appsettings in Azure App Service and locally
Attempting to retrieve secrets from KeyVault in a C# App Service.
Local machine:
Visual Studio > Tools > Options > Azure Service Authentication - authenticated Azure account
Likely use az ...
- 6,241
7
votes
2
answers
4k
views
Invalid provider type specified. CryptographicException
I am trying to run the script GetAppConfigSettings.ps1 from Microsoft docs help setting up a Key Vault
The script contains the following
# ************************************************************...
- 18.8k
1
vote
1
answer
2k
views
How access a secret from keyvault?
I created sample react login application where user can login by implict oauth2 login via azure ad by refering to this documentation.
After successful login I am not able to access keyvault secrets by ...
- 1,893
23
votes
3
answers
22k
views
Azure Key Vault Certificates does not have the Private Key when retrieved via IKeyVaultClient.GetCertificateAsync
I have 2 approaches to do the same thing, but Azure has deprecated the one that works, and the other method doesn't work.
The approach that works, but is deprecated:
I store my PFX in Azure Key ...
- 2,072
13
votes
2
answers
18k
views
Terraform - How to attach SSL certificate stored in Azure KeyVault to an Application Gateway
I have a Terraform script that create an Azure Key Vault, imports my SSL certificate (3DES .pfx file with a password), and creates an Application Gateway with a HTTP listener. I'm trying to change ...
- 432
88
votes
14
answers
205k
views
Azure KeyVault: Azure.Identity.CredentialUnavailableException: DefaultAzureCredential failed to retrieve a token from the included credentials
I am trying to connect my ASP.NET Core application that is targeting .NET framework with Azure Keyvault. On a new Azure VM that supports Identity everything works fine, but this application is hosted ...
- 895
18
votes
2
answers
25k
views
Is it possible to get the private key out of Azure Key Vault Keys?
All of the data encryption/decryption examples I have seen with Azure key Vault do the encryption locally and decryption within Azure itself by using the keyVaultClient.DecryptAsync() method.
I ...
- 9,213
11
votes
2
answers
10k
views
Azure Function Key Vault reference for certificates?
I'm trying to use Key Vault references in my Azure Function (v1) as described here. It works fine for secrets, but not for certificates.
The docs don't mention certs at all, so maybe they are simply ...
- 4,135
5
votes
1
answer
36k
views
Azure Key Vault not allow access via private endpoint connection
I've a azure web service (linux) and azure key vault.
i configure two private endpoint , to allow the communication between Azure Key Vault and Azure web app.
i set all permissions in key vault's ...
- 739
3
votes
3
answers
9k
views
Issue with KeyVault reference in ARM template
I am trying to create a master key vault, which will contain all certificates to authenticate as a certain user.
I have 2 service principals => One for my app, One for deployment.
The idea is that ...
- 1,703
2
votes
5
answers
21k
views
Azure Key Vault download certificate with private key
I am trying to download the certificates that I have on several KeyVaults including their private keys. Through Azure Portal I can do it without issues just going to the KeyVault, selecting the ...
- 669
1
vote
1
answer
1k
views
What would be the best practice to update the connection string from Key vault secret at runtime in ASP.NET MVC 4.xx
I want to mention at first. I went through the other blogs to find the answer but I could not get the clear answer to my questions that I am looking for.
I am getting Key Vault secret from Azure AD at ...
- 671
1
vote
2
answers
4k
views
Azure Key Vault - Download original PFX from Key Vault
I dont have a great understanding of Key Vault & certificates and struggling with an issue. I am making use of a PFX file to generate a JWT token to call an external webservice. Its working all ...
- 827
1
vote
1
answer
1k
views
Azure DevOps - ARM deployment - Key Vault and Managed Identities
I am seeking some clarity on the best way to integrate Key Vault in ARM deployments within Azure DevOps.
For example, deploying an App Service and creating a Managed Service Identity so that it can ...
- 27
0
votes
1
answer
1k
views
Database connection string with Azure Keyvault in Azure Function local.setting.json in .NET Core
I am supporting an Azure Function someone wrote in C# in .NET Core 2.2.4. The function app is connecting to a database using a SQL Server account, and username and password are hardcoded in the ...
- 43
0
votes
1
answer
2k
views
How to set a connection string for web app in arm template that references a keyvault?
I am building an arm template that deploys a web app, sql database and a key vault.
The web app will be deployed with
1- System identity (which will be used to access the keyvault).
2- Connection ...
- 1,660
41
votes
4
answers
69k
views
How to get connection string out of Azure KeyVault?
A hypothetical web-site currently connects using:
public SqlConnection CreateConnection()
{
DbConnection connection = new SqlConnection();
connection.ConnectionString = GetConnectionString();
...
- 259k
21
votes
1
answer
46k
views
Azure Key Vault - How to update the secrets
In Azure Portal > Key vaults > Secrets, I have secrets with json values (I did not create it). Something like:
...
"SubscriptionId": "XXXXXXX",
"BaseAuthUri": "https://login....
- 643
13
votes
1
answer
17k
views
How to Override Web.config values with Azure KeyVault in .NET Framework 4.7.1
How can I implement Microsoft's Azure KeyVault in a ASP.NET Framework 4.7.1 WebForms application to override values in web.config with values from KeyVault? I do see references that we need a minimum ...
- 978
11
votes
2
answers
7k
views
Access Key Vault from local Service Fabric cluster with MSI
I want to access the Key Vault from my Service Fabric application via Managed Service Identity (MSI). I have enabled MSI on the virtual machine scale set in the Azure Portal and given it access to my ...
- 145
8
votes
1
answer
8k
views
Is there any way to get a Code Signing certificate into Azure Key vault given the new FIPS requirement for storing the private key? [closed]
We ordered a new code signing certificate and got the private key on a USB based "hardware token" - this is compatible with the new code signing certificate rules, but that limits access to ...
- 7,524
8
votes
2
answers
6k
views
How to secure Azure client Id and Secret without using App Settings of App Service
I am using Azure KeyVault to store my database credentials, Now to access it I have hardcoded client id and client secret in service code.
How can I avoid this hard coding as its insecure?
1) I don't ...
7
votes
1
answer
11k
views
DefaultAzureCredetials can't authenticate via Visual Studio - Can't find AzureServiceAuth\tokenProvider.json
I'm attempting to connect to an Azure Key Vault instance from a .NET 4.7 application running locally under IIS and the debugger (Visual Studio 2022 17.4.4) but am encountering the below exception(s) ...
- 987
6
votes
2
answers
2k
views
Azure Key Vault certificate - create Basic Constraints CA:True
I would like to create a self signed CA certificate via Azure portal (Azure Key Vault). I am not sure how to set X509 extension Basic Constraints CA:True
Some reference link:
https://learn.microsoft....
