Portal support for installing an SSL certificate direct from Key Vault
In an ARM template I can install my SSL certificate direct from Key Vault, by adding a "Microsoft.Web/certificates" resource.
The Azure portal equivalent is to download the PFX from Key Vault to my computer, and upload it back to portal in the App Service SSL Binding blade. And lookup the password from wherever I saved it, and type it.
It would be more secure and more convenient if I could just enter the Key Vault and secret name on the SSL Bindings blade. I wouldn't even need access to the Key Vault myself. The ARM provider works because the "Microsoft Azure App Service" principal has access.