Forum Discussion

bhanush880's avatar
bhanush880
Copper Contributor
Jan 27, 2020

failed to download certificate from key vault using keyvault vm extension on windows VM

failed to download certificate from key vault using keyvault vm extension on windows VM below is log on azure vm under folder C:\WindowsAzure\Logs\Plugins\Microsoft.Azure.KeyVault.KeyVaultForWindows...
azure
jackjiang's avatar
jackjiang
Icon for Microsoft rankMicrosoft
May 01, 2020

bhanush880 You need to use the secrets path to the certificate because that'll make sure the download includes the private key as the certificate endpoint only includes the public key.

 

i.e. https://keyvaultid.vault.azure.net/secrets/wildcard-company-com

 

Keep in mind you do not need to add a secret in your Key Vault. simply making the URL change should allow the extension to download the correct certificate

 

Let me know if that works for you.

 

Thanks,

Jack

akohnen's avatar
akohnen
Copper Contributor
Feb 08, 2021

jackjiang 

 

Hello

 

I just wanted to thank you for providing this solution as it has worked for me. Once I changed:

["https://<keyvault-name>.vault.azure.net/certificates/andrew-test"]

To

["https://<keyvault-name>.vault.azure.net/secrets/andrew-test"]

 

It worked fine, as indicated in the extension logs

 

Thank you

  • DUNCAN KUFFAR's avatar
    DUNCAN KUFFAR
    Copper Contributor
    Feb 24, 2022
    That works for me to, thank you very much, change */certificates/* to */secrets/*
  • Kumar018's avatar
    Kumar018
    Copper Contributor
    Jun 08, 2021

    akohnen 

    Hi ,

    Working on azure key vault extension for windows. All the steps followed as per the documentation. But when the extension is running in the time interval below error is occurring.

    Refreshing 'https://<keyvault-name>.vault.azure.net/secrets/CertificateName' failed with RequestException: 404; desc:
    {"error":{"code":"SecretNotFound","message":"A secret with (name/id) CertificateName was not found in this key vault.

Resources