Moving Microsoft.Web/certificates between Key Vaults #5997
-
I need to move a certificate that I use with an App Service app from one Key Vault to another (in the same subscription). The certificate is deployed using:
This deployment fails wit the error
Is there a recommended way to solve this with Bicep? |
Beta Was this translation helpful? Give feedback.
Replies: 2 comments 8 replies
-
How was the certificate created/generated? i.e. was it an App Service Certificate? or was it imported (manually) into the keyvault?
I do sync keyvault secrets and certificates with this script. .\3-Start-AzureKVSync.ps1 -primaryKVName ACU1-BRW-AOA-P0-kvVLT01 -SecondaryKVName AWU1-BRW-AOA-P0-kvVLT01 I would suggest to sync or copy the cert over to the new keyvault, then register a new web certificate, based on the new values. Adding this incase it is helpful: |
Beta Was this translation helpful? Give feedback.
-
I'm sorry but if I read it correct, there is no "migration" way of doing this? I need to KILL a running website on PRODUCTION to be able to do this? |
Beta Was this translation helpful? Give feedback.
How was the certificate created/generated? i.e. was it an App Service Certificate?
or was it imported (manually) into the keyvault?
I do sync keyvault secrets and certificates with this script.
https://github.com/brwilkinson/AzureDeploymentFramework/blob/main/ADF/1-prereqs/3-Start-AzureKVSync.ps1
I would suggest to sync or copy the cert over to the new keyvault, then register a new web certificate, based on the new values.
Adding this incase it is helpful:
https://github.com/brwilkinson/AzureDeploymentFrame…