Reputation: 3
Azure KeyVault generated certifcate is showing Not Valid in Browser
Created a self signed certificate in Azure KeyVault as below with DNS
Have added the certificate to Azure Kubernetes Service as a secret using secret-store-csi-driver and added to ingress
Problem is while opening the DNS in browser it shows certificate is not valid as below
The Certificate is already added to Trusted store and shows as below
Also, the certificate in browser is the one in Azure Keyvault certificate as evident from the validity date
What could be the issue?
Upvotes: 0
Views: 862
Answers (1)
Reputation: 2807
When you use self sign a certificate, your Operating System or Browser wont trust this Cert, as it is self signed and considered insecure for the Internet.
You need to use a Cert from a valid Certification Authority or import your CA root cert that created the cert into your OS or Browser. But every user need to so this.
A better approach is Cert-Manager ff you are using AKS. Cert-Manager can issue certificates from LetsEncrypt. Here is a workflow from Microsoft for this.
Upvotes: 3
Related Questions
- azure unable to access keyvault for issuing verifiable credentials
- Why is a certificate downloaded from Azure Key Vault different than the file I uploaded
- Azure Key Vault Certificate: the key was not found
- Getting certificate from Azure KeyVault with Azure.Security.KeyVault.Secrets
- Key Vault certificate for AKS Load Balancer
- debugging cert-manager certificate creation failure on AKS
- Azure Key Vault certificate not syncing automatically with web app
- Azure Key Vault: unable to get a cert from kv when deployed
- Adding a certificate to azure VM from Key Vault
- Azure certificate in Key Vault not valid for app service