Azure Key Vault
An Azure service that is used to manage and protect cryptographic keys and other secrets used by cloud apps and services.
1,550 questions
0 answers
Certificate imported properly into keyvault, but cloud service extended deployment fails
We are trying to import a pfx formated (that includes the intermediate cert) certificate into keyvault so that it can be used for TLS 1.3. We were able to import it properly. But when deploying the cloudservice extended package, it fails to recognize the…
Azure Key Vault
asked 2026-04-09T17:19:18.0666667+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(179.20000000000002, 76%, 27%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ECS%3C/text%3E%3C/svg%3E)
Cloud Service3
0
Reputation points
edited a comment 2026-04-09T18:23:21.2866667+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(220.8, 92%, 31%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESM%3C/text%3E%3C/svg%3E)
Sridevi Machavarapu
26,515
Reputation points Microsoft External Staff
Moderator
1 answer
Can we use Get Random Bytes API with Azure Key Vault Premium Subscription
Can we use Get Random Bytes API with Azure Key Vault Premium Subscription? This link [https://dori-uw-1.kuma-moon.com/en-us/rest/api/keyvault/keys/get-random-bytes/get-random-bytes?view=rest-keyvault-keys-2025-07-01&tabs=HTTP] says it "Get the…
Azure Key Vault
Azure Key Vault
An Azure service that is used to manage and protect cryptographic keys and other secrets used by cloud apps and services.
1,550 questions
asked 2026-04-09T14:03:56.44+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(92.8, 95%, 18%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EBS%3C/text%3E%3C/svg%3E)
Battina, Subodh
0
Reputation points
commented 2026-04-09T15:47:57.1433333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(54.400000000000006, 10%, 15%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESS%3C/text%3E%3C/svg%3E)
Shubham Sharma
12,525
Reputation points Microsoft External Staff
Moderator
1 answer
Azure AD B2C Issuing JWT Tokens with Invalid Signatures
Azure AD B2C is intermittently issuing JWT access tokens with mathematically invalid RSA signatures. These tokens fail RSA.VerifyData() validation against the public keys published in the JWKS endpoint, even though: 1. The token's `kid` (Key ID) matches…
Azure Key Vault
Azure Key Vault
An Azure service that is used to manage and protect cryptographic keys and other secrets used by cloud apps and services.
1,550 questions
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(150.4, 99%, 24%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EP%3C/text%3E%3C/svg%3E)
1 answer
One of the answers was accepted by the question author.
Cannot set up Azure Key Vault extension on Ubuntu VM
I am attempting to set up the Azure Key Vault extension on an Azure VM running Ubuntu, so that nginx on that VM can access an SSL certificate with HSM-secured key to secure a website hosted on the VM. However, when running the command below, I get an…
Azure Key Vault
Azure Key Vault
An Azure service that is used to manage and protect cryptographic keys and other secrets used by cloud apps and services.
1,550 questions
asked 2026-04-07T11:06:26.3066667+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(48, 35%, 14%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EDK%3C/text%3E%3C/svg%3E)
David Kelly
0
Reputation points
accepted 2026-04-09T14:50:22.0566667+00:00
David Kelly
0
Reputation points
3 answers
How to create Key Vault secret when user id is administrator in Microsoft Entra?
I am trying to learn to use Azure Key Vault for a webpage. I created a subscription in Azure under my username and a Resource group to hold the Key Vault. The user id has a role of administrator in Microsoft Entra. Access control (IAM) in the Azure…
Azure Key Vault
Azure Key Vault
An Azure service that is used to manage and protect cryptographic keys and other secrets used by cloud apps and services.
1,550 questions
asked 2026-03-31T16:01:14.5033333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(304, 99%, 39%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EDF%3C/text%3E%3C/svg%3E)
Dean Finnestad
0
Reputation points
answered 2026-04-07T04:56:55.3133333+00:00
Raja Pothuraju
47,080
Reputation points Microsoft External Staff
Moderator
1 answer
Receiving RBAC related errors when creating key vault secrets through terraform
As of yesterday, we started experiencing issues creating key vault secrets using terraform. The account we are using has all the required permissions to be able to create key vault secrets. We are experiencing the same when terraform tries to read the…
Azure Key Vault
Azure Key Vault
An Azure service that is used to manage and protect cryptographic keys and other secrets used by cloud apps and services.
1,550 questions
asked 2026-04-01T19:37:38.6133333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(112.00000000000001, 27%, 20%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EGH%3C/text%3E%3C/svg%3E)
Garrick Hensberg
5
Reputation points
answered 2026-04-06T22:07:49.1933333+00:00
Garrick Hensberg
5
Reputation points
1 answer
Let's Encrypt Certificate with Key Vault and Azure App Service Import Issues
Hi comunity, I have a wildcard certificate issued by Let's Encrypt. I want to use this certificate with an Azure App Service. Following the instructions, I created a password-protected .pfx file using the following command: openssl pkcs12 \ -export \ …
Azure Key Vault
Azure Key Vault
An Azure service that is used to manage and protect cryptographic keys and other secrets used by cloud apps and services.
1,550 questions
Azure App Service
Azure App Service
Azure App Service is a service used to create and deploy scalable, mission-critical web apps.
9,811 questions
asked 2024-09-29T21:47:48.62+00:00
Lucian Hanga
25
Reputation points
commented 2026-03-31T17:50:40.05+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(246.4, 4%, 33%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESS%3C/text%3E%3C/svg%3E)
Sina Salam
28,361
Reputation points
Volunteer Moderator
1 answer
One of the answers was accepted by the question author.
Azure Key Vault SecretGet returning HTTP 500 since March 25, 2026 4:00 PM PT – Resource Health reporting Vault Degraded (Unplanned)
Beginning March 25, 2026 at approximately 4:00 PM PT, our application has been unable to retrieve secrets from Azure Key Vault during standard initialization workflows. SecretGet operations against the following Key Vault are returning HTTP 500 Internal…
Azure Key Vault
Azure Key Vault
An Azure service that is used to manage and protect cryptographic keys and other secrets used by cloud apps and services.
1,550 questions
asked 2026-03-26T19:34:01.38+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(108.80000000000001, 79%, 20%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EGH%3C/text%3E%3C/svg%3E)
Geoff Hinton
20
Reputation points Microsoft Employee
accepted 2026-03-26T23:40:12.4133333+00:00
Geoff Hinton
20
Reputation points Microsoft Employee
0 answers
Join: Microsoft Azure Q&A Champions Program
The Microsoft Azure Q&A Champions Program recognizes and empowers a global community of internal and external Azure experts who help customers succeed by providing high-quality, trusted answers on Microsoft Q&A. The program scales expert led…
Azure Key Vault
Azure Key Vault
An Azure service that is used to manage and protect cryptographic keys and other secrets used by cloud apps and services.
1,550 questions
asked 2026-03-25T22:55:00.4066667+00:00
Ashley Swearingen
0
Reputation points Microsoft External Staff
Moderator
answered 2026-03-25T22:55:11.1533333+00:00
Q&A Assist
1 answer
Azure Key Vault Portal truncates secret values containing "://" (e.g. MongoDB connection strings)
Environment: Azure Portal, Azure Key Vault Description: When storing a secret in Azure Key Vault that contains :// in the value (e.g. a MongoDB connection string like mongodb+srv://user:******@cluster.mongodb.net/...), the Azure Portal UI truncates the…
Azure Key Vault
Azure Key Vault
An Azure service that is used to manage and protect cryptographic keys and other secrets used by cloud apps and services.
1,550 questions
asked 2026-03-16T14:34:59.3666667+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(25.6, 43%, 12%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ENT%3C/text%3E%3C/svg%3E)
Niclas - TheTyp
0
Reputation points
commented 2026-03-20T14:45:07.3633333+00:00
Niclas - TheTyp
0
Reputation points
1 answer
AADSTS700027: The certificate with identifier used to sign the client assertion is not registered on application. [Reason - The key was not found
I assigned Key Vault admin role for service (app 1) in my Key Vault with managed Identity ID. I also add following in the mainfest of registered app 1, and I cannot upload the certificate in the app certificate and secrete due to security concerns and…
Azure Key Vault
Azure Key Vault
An Azure service that is used to manage and protect cryptographic keys and other secrets used by cloud apps and services.
1,550 questions
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(211.20000000000002, 34%, 30%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EEC%3C/text%3E%3C/svg%3E)
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(201.6, 99%, 29%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ER%3C/text%3E%3C/svg%3E)
3 answers
not able to change access configuration policy
CODE InsufficientPermissions MESSAGE RAW ERROR Caller is not allowed to change permission model. For more information on how to change the permissions model follow this link: https://go.microsoft.com/fwlink/?linkid=2155160. Details:…
Azure Key Vault
Azure Key Vault
An Azure service that is used to manage and protect cryptographic keys and other secrets used by cloud apps and services.
1,550 questions
Azure Role-based access control
Azure Role-based access control
An Azure service that provides fine-grained access management for Azure resources, enabling you to grant users only the rights they need to perform their jobs.
1,115 questions
asked 2023-10-19T05:18:01.9833333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(313.6, 37%, 40%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EHG%3C/text%3E%3C/svg%3E)
himani ghildiyal
20
Reputation points
answered 2026-03-16T18:21:50.5633333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(32, 0%, 13%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EAS%3C/text%3E%3C/svg%3E)
Ashwani Shaw
0
Reputation points
1 answer
ERROR | Azure Key Vault access from Python application in Azure Kubernetes Service
I have a python application in AKS where I need to read the secrets from Azure key vault. I am using: credential = DefaultAzureCredential(logging_enable=True) client = SecretClient(vault_url=KV_URI, credential=credential) secret =…
Azure Key Vault
Azure Key Vault
An Azure service that is used to manage and protect cryptographic keys and other secrets used by cloud apps and services.
1,550 questions
Azure Kubernetes Service
Azure Kubernetes Service
An Azure service that provides serverless Kubernetes, an integrated continuous integration and continuous delivery experience, and enterprise-grade security and governance.
2,710 questions
asked 2024-09-30T21:17:29.92+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(128, 8%, 22%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EA%3C/text%3E%3C/svg%3E)
Anonymous
answered 2026-03-14T13:00:54.7466667+00:00
Sina Salam
28,361
Reputation points
Volunteer Moderator
2 answers
One of the answers was accepted by the question author.
Azure Key Vault API version 2026-02-01
Hello All, We are getting alert "On 27 February 2027, all Azure Key Vault API versions prior to 2026-02-01 will be retired. Azure Key Vault API version 2026-02-01—releasing in February 2026—introduces an important security update: Azure…
Azure Key Vault
Azure Key Vault
An Azure service that is used to manage and protect cryptographic keys and other secrets used by cloud apps and services.
1,550 questions
asked 2026-01-30T10:56:44.87+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(124.80000000000001, 33%, 22%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EVV%3C/text%3E%3C/svg%3E)
Vikas Verma (HCL TECHNOLOGIES CORPORATE SER)
65
Reputation points Microsoft External Staff
commented 2026-03-10T05:07:34.54+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(204.8, 26%, 29%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EAT%3C/text%3E%3C/svg%3E)
Amit Tiwari
0
Reputation points
1 answer
How to copy Azure keyvault secrets to other subscription from Azure devops or powershell
I'm required to migrate azure keyvault secrets to other, This needs to be done by Azure devops or powershell as I have only reader access in Azure portal. This needs to be done through service principal hence using azure devops.
Azure Key Vault
Azure Key Vault
An Azure service that is used to manage and protect cryptographic keys and other secrets used by cloud apps and services.
1,550 questions
asked 2020-12-15T10:20:10.59+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(220.8, 9%, 31%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESS%3C/text%3E%3C/svg%3E)
Sandeep SV
11
Reputation points
commented 2026-03-09T20:31:24.17+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(0, 35%, 10%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EST%3C/text%3E%3C/svg%3E)
Sean Tovson
0
Reputation points
2 answers
One of the answers was accepted by the question author.
Encryption key missing from Key Vault
1 server has the Encryption key missing from Key Vault, it is not in the deleted area and that area has a policy set to not allow purge, we only noticed when we rebooted the server, we can't find any logs as to who may have done it. We do not have a…
Azure Key Vault
Azure Key Vault
An Azure service that is used to manage and protect cryptographic keys and other secrets used by cloud apps and services.
1,550 questions
asked 2026-03-05T14:38:52.1566667+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(249.60000000000002, 13%, 34%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EMH%3C/text%3E%3C/svg%3E)
Mark Hancock
20
Reputation points
edited an answer 2026-03-09T08:43:45.2+00:00
Mark Hancock
20
Reputation points
1 answer
Unable to access KeyVault using User Managed Identity
I created a Key Vault and added a secret to it. Then I created a Managed Identity and added the Key Vault Secrets User role, assigning to the base subscription the same way I did for my CDN managed identity which is working as expected. Not sure if…
Azure Key Vault
Azure Key Vault
An Azure service that is used to manage and protect cryptographic keys and other secrets used by cloud apps and services.
1,550 questions
asked 2026-03-08T05:16:30.9766667+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(316.8, 32%, 40%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ENM%3C/text%3E%3C/svg%3E)
Nicke Manarin
20
Reputation points
commented 2026-03-08T16:47:56.03+00:00
Nicke Manarin
20
Reputation points
1 answer
Old and Current secret conflict
I have created a new secret in Azure Key Vault, which is used by my application. For certain reasons, I disabled the latest (current) version of the secret. However, there is an older version of the secret that is still enabled. Generally, the expected…
Azure Key Vault
Azure Key Vault
An Azure service that is used to manage and protect cryptographic keys and other secrets used by cloud apps and services.
1,550 questions
asked 2025-10-17T14:20:58.6033333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(89.60000000000001, 47%, 18%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ECS%3C/text%3E%3C/svg%3E)
Cheedella, Satyanarayana
0
Reputation points
answered 2026-03-07T15:32:36.0066667+00:00
Sina Salam
28,361
Reputation points
Volunteer Moderator
1 answer
nexpected charge
Hello, This is my first time using Azure.I mistakenly created a Managed HSM instance, thinking it was the same as Key Vault which charges per request. I did not realize that Managed HSM is billed hourly and I just discovered the unexpected charge today.…
Azure Key Vault
Azure Key Vault
An Azure service that is used to manage and protect cryptographic keys and other secrets used by cloud apps and services.
1,550 questions
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(76.8, 3%, 17%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EA%3C/text%3E%3C/svg%3E)
2 answers
One of the answers was accepted by the question author.
Key Vault hostname is not resolvable after private endpoint is created
I need to provision a certain Key Vault for use with other resources deployed privately within a VNET which are configured with Private Endpoints. However, I still need to enable Public Access to the Key Vaults as I need my team members to be able to…
Azure Key Vault
Azure Key Vault
An Azure service that is used to manage and protect cryptographic keys and other secrets used by cloud apps and services.
1,550 questions
asked 2026-03-04T05:17:01.3366667+00:00
Kiki Kisworo
20
Reputation points
accepted 2026-03-04T10:50:32.79+00:00
Kiki Kisworo
20
Reputation points