I'm working on setting up an Application Gateway with a group of backend app services. I am in the final configuration steps of configuring a listener, but first I need to set Application Gateway to support key vault reference certificates. I follow this guide from the official Microsoft documentation:
CodePudding user response:
Your first command in the posted snippet "Get-AzApplicationGateway" doesn't find your gateway. At least in the snippet provided you don't give -name and -ResourceGroupName as strings, meaning in " ". When I run your commands with strings where they are required it works just fine.
CodePudding user response:
When I ran the below command directly, I got the same error.
$appgw = Get-AzApplicationGateway -Name YourApplicationGatewayName -ResourceGroupName YourRGName
First, we need to create an Application Gateway.
Create a Managed Identity.
After creating the ApplicationGateway and ManagedIdentity, now run the below commands.
$appgw = Get-AzApplicationGateway -Name YourApplicationGatewayName -ResourceGroupName YourRGName
Set-AzApplicationGatewayIdentity -ApplicationGateway $appgw -UserAssignedIdentityId "/subscriptions/YourSubscriptionID/resourceGroups/YourRGName/providers/Microsoft.ManagedIdentity/userAssignedIdentities/MyYourManagedIdentityName"
- Create a KeyVault and certificate by following the steps from the document and run the below command to
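$secret = Get-AzKeyVaultSecret -VaultName "YourKeyVaultName" -Name "YourCertificateName"
# Define $secretId before it is used; dropping the version makes the gateway reference the latest version of the secret
$secretId = $secret.Id.Replace($secret.Version, "")
Add-AzApplicationGatewaySslCertificate -KeyVaultSecretId $secretId -ApplicationGateway $appgw -Name $secret.Name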
- Before running the below command make sure you have created the Access policy with Get selected on Secret permissions and provided the created Managed Identity.
Set-AzApplicationGateway -ApplicationGateway $appgw
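The steps from the answer above, combined into one script with guard checks and a secrets-only access policy. This is an added example, not part of either answer or of the Microsoft guide. All resource names are placeholders, and it assumes a signed-in Az PowerShell session and a Key Vault that uses the access-policy permission model.

```powershell
# Added example. Placeholder names (assumptions): replace with your own resources.
$rgName       = "YourRGName"
$gatewayName  = "YourApplicationGatewayName"
$identityName = "YourManagedIdentityName"
$vaultName    = "YourKeyVaultName"
$certName     = "YourCertificateName"

# Turn non-terminating cmdlet errors into terminating ones so a failed lookup stops the script.
$ErrorActionPreference = "Stop"

# 1. Look up the gateway and stop early if nothing came back,
#    instead of passing an empty object to the later cmdlets.
$appgw = Get-AzApplicationGateway -Name $gatewayName -ResourceGroupName $rgName
if (-not $appgw) { throw "Application Gateway '$gatewayName' not found in resource group '$rgName'." }

# 2. Resolve the user-assigned identity by name rather than hand-typing its resource ID,
#    then attach it to the in-memory gateway object.
$identity = Get-AzUserAssignedIdentity -ResourceGroupName $rgName -Name $identityName
Set-AzApplicationGatewayIdentity -ApplicationGateway $appgw -UserAssignedIdentityId $identity.Id | Out-Null

# 3. Least privilege: the identity gets Get on secrets only (no list, set, delete,
#    and no key or certificate permissions).
Set-AzKeyVaultAccessPolicy -VaultName $vaultName -ObjectId $identity.PrincipalId -PermissionsToSecrets get

# 4. Read the certificate's backing secret and build a versionless secret ID,
#    so the gateway picks up renewed certificate versions.
$secret = Get-AzKeyVaultSecret -VaultName $vaultName -Name $certName
if (-not $secret) { throw "Secret '$certName' not found in vault '$vaultName'." }
$secretId = $secret.Id.Replace($secret.Version, "")

# 5. Add the Key Vault reference only if a certificate with that name is not already present.
if ($appgw.SslCertificates.Name -notcontains $secret.Name) {
    Add-AzApplicationGatewaySslCertificate -ApplicationGateway $appgw `
        -Name $secret.Name -KeyVaultSecretId $secretId | Out-Null
}

# 6. Commit the changes to Azure and show what the gateway now references.
$appgw = Set-AzApplicationGateway -ApplicationGateway $appgw
$appgw.SslCertificates | Select-Object Name, KeyVaultSecretId
```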