Professional Documents
Culture Documents
Region: West US
3. You can configure access policies and network access at deployment time, but for now,
select Review + create. When ready, select Create
4. If needed, select the notification bell in the top right-hand corner to view deployment
progress as the key vault is created. It takes a minute or two to create the key vault.
5. When ready, select Go to resource
2. Objective – Create, read, update, and delete keys, secrets, and certificates
by using the Key Vault
1. From your Key Vault, select Keys on the left-hand side, then choose to + Generate/Import.
Enter the following configuration information. If not noted below, use the defaults:
Options: Generate
Name: trainingkey
Key Type: RSA
RSA Key Size: 4096
Enabled: Yes
Note how you can set activation and expiration dates, and choose to set the key as
disabled.
Note the options for setting length of certificate in months, and the ability to
automatically renew at a given percentage lifetime.
6. When ready, select Create. As this is a self-signed certificate, the key vault generates the
certificate signing request, passes that to it’s internal certificate authority, then receives and
adds the certificate to the key vault. This process takes a few moments, so the certificate
initially shows as In progress, failed or cancelled.
Refresh the list after a few seconds and it should eventually show that the certificate is
completed and enabled.
These keys, secrets, and certificates could now be used with your applications. In practice,
applications or other Azure services often connect to Key Vault to generate and then
retrieve their own keys or certificates.