The way updating the certificate for Run As account should be more flexible
Currently, the self-signed certificate that you created for the Run As account expires one year from the date of creation and the certificate won’t be automatically updated. Although you can set your certificate to expire a very long time by using Azure PowerShell, some users wonder that it will be a security issue if such a long certificate leaks. Such users are required to update the certificate every year before it expired. It would be great if the operations to update a certificate could be flexible as follows so that the uses can omit the troublesome procedure, which is updating the certificate every year.
- Any expiration date can be set from Azure portal
- Add an option of automatic update
Thanks for the valid suggestion. Your feedback is now open for the user community to upvote & comment on. This allows us to effectively prioritize your request against our existing feature backlog and also gives us insight into the potential impact of implementing the suggested feature.
Eric Knapp commented
Ran into same issue with a client where certificate expired. We also would like a notification email indicating it needs to be renewed perhaps 2 weeks prior or something (?)