You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: articles/container-apps/key-vault-certificates-manage.md
+15-5Lines changed: 15 additions & 5 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -15,7 +15,7 @@ You can set up Azure Key Vault to manage your container app's certificates to ha
15
15
16
16
## Prerequisites
17
17
18
-
-[Azure Key Vault](/azure/key-vault/): Make sure you have a certificate stored in Azure Key Vault.
18
+
-[Azure Key Vault](/azure/key-vault/general/manage-with-cli2): Create a Key Vault resource.
19
19
20
20
-[Azure CLI](/cli/azure/install-azure-cli): You need the Azure CLI updated with the Azure Container Apps extension version `0.3.49` or higher. Use the `az extension add` command to install the latest version.
21
21
@@ -40,13 +40,23 @@ An [Azure Key Vault](/azure/key-vault/general/manage-with-cli2) instance is requ
40
40
1. Go to your certificate's details and copy the value for *Secret Identifier* and paste it into a text editor for use in an upcoming step.
41
41
42
42
> [!NOTE]
43
-
> The secret identifier with a version suffix only attempts to get a certificate from the specified version. If you are using a secret identifier without a version suffix, it uses the latest version.
43
+
> To retrieve a specific version of the certificate, include the version suffix with the secret identifier. To get the latest version, remove the version suffix from the identifier.
44
44
45
-
## Assign roles
45
+
## Enable and configure Key Vault Certificate
46
46
47
-
1. Open the [Azure portal](https://portal.azure.com) and find your instance of your Azure Container Apps environment where you want to import a certificate.
47
+
1. Open the Azure portal and go to your Key Vault.
48
48
49
-
1. Go to the *Identity* tab and set *RBAC* to **Key Vault Secrets User**.
49
+
1. In the *Objects* section, select **Certificates**.
50
+
51
+
1. Select the certificate you want to use.
52
+
53
+
1. In the *Access control (IAM)* section, select **Add role assignment**.
54
+
55
+
1. Add the roles: **Key Vault Certificates Officer** and **Key Vault Secrets Officer**.
56
+
57
+
1. Go to your certificate's details and copy the value for **Secret Identifier**.
58
+
59
+
1. Paste the identifier into a text editor for use in an upcoming step.
0 commit comments