Merge pull request #103967 from winthrop28/patch-91

PRMerger20 · web-flow · commit a6a628ff04d6 · 2020-02-11T09:59:34.000-08:00
adding note with Portal limitation
diff --git a/articles/application-gateway/key-vault-certs.md b/articles/application-gateway/key-vault-certs.md
@@ -29,6 +29,9 @@ Application Gateway integration with Key Vault offers many benefits, including:
 
 Application Gateway currently supports software-validated certificates only. Hardware security module (HSM)-validated certificates are not supported. After Application Gateway is configured to use Key Vault certificates, its instances retrieve the certificate from Key Vault and install them locally for SSL termination. The instances also poll Key Vault at 24-hour intervals to retrieve a renewed version of the certificate, if it exists. If an updated certificate is found, the SSL certificate currently associated with the HTTPS listener is automatically rotated.
 
+> [!NOTE]
+> The Azure portal only supports KeyVault Certificates, not secrets. Application Gateway still supports referencing secrets from KeyVault, but only through non-Portal resources like PowerShell, CLI, API, ARM templates, etc. 
+
 ## How integration works
 
 Application Gateway integration with Key Vault requires a three-step configuration process:
