Skip to content

az network application-gateway ssl-cert create nnot working with KV certificates #28835

Description

@svaraksin-gd

Describe the bug

az network application-gateway ssl-cert create --gateway-name *** --name test-cert --resource-group *** --key-vault-secret-id "https://***.vault.azure.net/certificates/certificate-name" returns the following error:

Message: SecretId 'https://***.vault.azure.net/certificates/certificate-nam' specified in '/subscriptions/***/resourceGroups/***/providers/Microsoft.Network/applicationGateways/***/sslCertificates/test-cert' is invalid. Reason: The specified Key Vault URI doesn't properly reference a secret. A valid Key Vault URI should be in the following format: https://{keyvaultname}.{keyvaultdomain}/secrets/{secretname}. A secret version may optionally be appended as well.

But as per az cli documentation:
image

Related command

az network application-gateway ssl-cert create

Errors

above

Issue script & Debug output

above

Expected behavior

Allow use certificates from KeyVault Certificate store

Environment Summary

azure-cli 2.59.0

core 2.59.0
telemetry 1.1.0

Dependencies:
msal 1.27.0
azure-mgmt-resource 23.1.0b2

Python location '/opt/az/bin/python3'
Extensions directory '/home/runner/.azure/cliextensions'

Python (Linux) 3.11.8 (main, Mar 27 2024, 04:03:04) [GCC 11.4.0]

Legal docs and information: aka.ms/AzureCliLegal

Your CLI is up-to-date.

Additional context

above

Metadata

Metadata

Assignees

Labels

Auto-AssignAuto assign by botNetworkaz network vnet/lb/nic/dns/etc...Service AttentionThis issue is responsible by Azure service team.act-quality-productivity-squadcustomer-reportedIssues that are reported by GitHub users external to the Azure organization.questionThe issue doesn't require a change to the product in order to be resolved. Most issues start as that

Type

No type
No fields configured for issues without a type.

Projects

No projects

Relationships

None yet

Development

No branches or pull requests

Issue actions