In addition to certificate metadata, an addressable key, and an addressable secret, a Key Vault certificate contains attributes and tags. For more information about key types, see Create certificates. HSM-protected elliptic curve key (Premium SKU only)Įxportable keys are allowed only with RSA and EC. The following table lists supported key types. The addressable Key Vault key's operations are mapped from the keyusage field of the Key Vault certificate policy that's used to create the Key Vault certificate. The addressable key becomes more relevant with non-exportable Key Vault certificates. If the policy indicates that the key is non-exportable, then the private key isn't a part of the value when it's retrieved as a secret. The policy that's used to create the certificate must indicate that the key is exportable. When a Key Vault certificate is created, it can be retrieved from the addressable secret with the private key in either PFX or PEM format. A specific version of an addressable key and secret created with the Key Vault certificate version is available in the Key Vault certificate response. The identifier and version of certificates are similar to those of keys and secrets. A Key Vault certificate also contains public X.509 certificate metadata. The Key Vault key allows key operations, and the Key Vault secret allows retrieval of the certificate value as a secret. When a Key Vault certificate is created, an addressable key and secret are also created with the same name. Non-partnered providers and authorities are also allowed but don't support automatic renewal.įor details on certificate creation, see Certificate creation methods.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |