Integration with Key Vault Certificates
It should be possible to select HTTPS certificates from Azure Key Vault. Since Azure Key Vault support auto-renewal of certificates, Application Gateway should also automatically update the certificates.
John Gilmartin commented
Pleased to see this is on the roadmap but disappointed to see that it has been so since 2016 and yet still not available. With this item and very similar one https://feedback.azure.com/forums/217313-networking/suggestions/31089529-support-ssl-certificates-stored-in-key-vault-secre there is plenty of demand, us included.
We are trying to automate the entire solution deployment process with ARM templates so this is a very important feature. Otherwise this involves some manual steps. Also we can't find very many ARM template examples involving applicate gateway, certificate and key vault, even though the ARM template reference shows objects related to all three.
Roy Kim commented
Just updated app gateway with a new cert to replace close to expiry. Therefore good to have this feature. Also when cert is replaced, app gateway should replace very quickly. With powershell cmds, we had to delete rule and http listener and then add new http listener with new cert and new rule.. This takes about 15+ minutes for app gateway to update.
Any updates on this? We are trying to consume an Azure Key Vault certificate in an ARM template using a Key Vault reference, but that doesn't seem to work. We receive an error that the certificate data is invalid.