I'm working on setting up an application getaway with a group of backend app services. I am in the final configuration steps of configuring a listener, but first I need to set Application Gateway to support key vault reference certificates. I follow this guide from the official Microsoft documentation:

CodePudding user response：

Your first command in the posted snippet "Get-AzApplicationGateway" doesn't find your gateway. At least in the snipped provided you don't give -name and -ResourceGroupName as strings, meaning in " ". Wenn I run your commands with strings where they are required it works just fine

CodePudding user response：

When I ran the below command directly, I got the same error.

$appgw = Get-AzApplicationGateway -Name YourApplicationGatewayName -ResourceGroupName YourRGName

• First, we need to create an Application Gateway.

• Create a Managed Identity.

• After creating the ApplicationGateway and ManagedIdentity, now run the below commands.

 $appgw = Get-AzApplicationGateway -Name YourApplicationGatewayName -ResourceGroupName YourRGName
 Set-AzApplicationGatewayIdentity -ApplicationGateway $appgw -UserAssignedIdentityId "/subscriptions/YourSubscriptionID/resourceGroups/YourRGName/providers/Microsoft.ManagedIdentity/userAssignedIdentities/MyYourManagedIdentityName"

• Create a KeyVault and certificate by following the steps from the document and run the below command to

$secret = Get-AzKeyVaultSecret -VaultName "YourKeyVaultName" -Name "YourCertificateName"

Add-AzApplicationGatewaySslCertificate -KeyVaultSecretId $secretId -ApplicationGateway $appgw -Name $secret.Name

• Before running the below command make sure you have created the Access policy with Get selected on Secret permissions and provided the created Managed Identity.

Set-AzApplicationGateway -ApplicationGateway $appgw