Question

CatchAlive on Thu, 05 Jan 2017 07:49:37


Hi.

I am using Azure SSL service, which uses a Key Vault to keep the keys safe.

Due to change of region of my services, I deleted the storage account and Key Valut in the old region.

But it is no possible to reconfigure Azure SSL service to use another storage account / key vault, then SSL has been configured once.

I do not know, if this is a "Key Vault" issue or "Azure SSL" issue...

Best regards

Martin


Sponsored



Replies

akurmi on Sun, 08 Jan 2017 06:46:36


Hello Martin,

I am assuming that this is about App Service Certificate. We are currently building a portal experience to provide mitigation steps for such App Service Certificates. In the mean time, you can execute the following Powershell script to remove the current App Service Certificate - Key Vault association. After executing this script, go to Azure portal and assign a new Key Vault to the App Service Certificate resource. https://azure.microsoft.com/en-us/documentation/articles/web-sites-purchase-ssl-web-site/  (Step 1: Store the certificate in Azure Key Vault)

Login-AzureRmAccount 
Set-AzureRmContext -SubscriptionId <subId> 
Remove-AzureRmResource -ResourceId "/subscriptions/<subId>/resourceGroups/<resource group>/providers/Microsoft.CertificateRegistration/certificateOrders/<App Service Certificate Name>/certificates/<App Service Certificate Name>" -ApiVersion "2015-08-01"
 
e.g. 
Login-AzureRmAccount 
Set-AzureRmContext -SubscriptionId fb2c25dc-6bab-45c4-8cc9-cece7c42a95a 
Remove-AzureRmResource -ResourceId "/subscriptions/fb2c25dc-6bab-45c4-8cc9-cece7c42a95a/resourceGroups/Default-Web-EastAsia/providers/Microsoft.CertificateRegistration/certificateOrders/appservicecertificate1/certificates/appservicecertificate1" -ApiVersion "2015-08-01"

CatchAlive on Mon, 09 Jan 2017 16:02:30


Hi Ashish Kurmi,

It worked perfectly, thanks :-)

BR Martin