Managed SSL Integration with Azure Key Vault
Dec 13, 2024
This article shows the step-by-step process of integrating the Microsoft Azure Key Vault platform with GlobalSign’s Managed SSL (MSSL) service to provision SSL certificates that can be accessed and used through the Microsoft Azure cloud platform.
Prerequisites
How to integrate Azure Key Vault with GlobalSign’s Managed SSL (MSSL)?
- Log in to the Azure portal, then click "Create" if you do not have a Key Vault set up yet or would like to create a new one.
Note: If it does not populate automatically, use the search bar to find it.
- In the Basics tab, enter the name of your key vault in the Name field and choose your Subscription preferences, Resource group (new or existing), Region, Pricing tier, and Recovery options. Then, click “Next” to continue to the succeeding tabs.
- Choose the settings in the Access configuration, Networking, and Tags tabs according to your use case.
- Once completed, go to the "Review + Create" tab to review the details you have entered. If you want to go back and modify the information from the previous page, click on "Previous". Otherwise, click "Create" if everything looks good.
- Once your vault is created, you will be taken to the Overview home page. To proceed, click "Go to resource".
- From the Certificates home page, create a GlobalSign Certificate Authority for the vault to access. Click "Certificates" from the left-hand side menu, and on the upper right-hand side select "Certificate Authorities".
- From the Certificate Authorities page, select "Add". Under the Create a certificate authority menu, enter a Name, then in the Provider drop-down, select GlobalSign. Fill out the remaining fields with your GlobalSign GCC account information.
- Once all the information is saved, you will receive a notification confirming that the certificate authority has been successfully created.
How to add a new certificate to the vault?
- Go to your Key Vault and select "Certificates" in the left-hand side of the Certificates home page. Then, click “Generate/Import”.
- Choose “Generate” as the Method of Certificate Creation, then enter an easy-to-memorize name in the Certificate Name field.
Note: This name will be referred to within the vault only and it is not the common name of the actual certificate.
- Then, select “Certificate issued by an integrated CA” from the Type of Certificate Authority (CA) drop down menu.
- Click the “Certificate Authority (CA) Not Configured” tab.
- Select the GlobalSign Certificate Authority that you created. This will take you back to the Create a certificate form.
- Fill out the “Subject” field with the common name of the certificate you are requesting (Format: CN=yourdomainname.com).
There are additional fields which are optional:
- DNS Names – Where you add additional Subject Alternative Names (SANs)
- Validity Period – To select how long the certificate is valid for, in months.
- Content Type
  - PKCS#12 – Private public key pair
  - PEM – Public key
- Lifetime Action Type – Set certificate renewals or renewal reminders
- Advanced Policy Configuration (by default it is Not configured) – Click on it to add additional EKUs and set advanced key features, then click “OK” to save it.
- Click “Create”, then a pop-up message in the right corner will confirm that the certificate is being created.
Note: You can also click on the blue information bar to monitor the generation process.
- Once the Status shows Completed, it confirms that the certificate has been issued and stored in the vault. You will now be able to utilize the certificate through the Azure platform.
Note: To see the list of issued Certificates, go to Certificates.
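The form fields from the steps above can also be captured as a certificate policy document and kept under review. The following is an added example, not part of the original article or GlobalSign's own code: it validates the inputs and builds a policy whose key names follow the JSON shape printed by `az keyvault certificate get-default-policy`. The CA name `globalsign-mssl`, the domain names, and the key settings are constructed assumptions.

```python
import json
import re

# Content Type choices from the form, mapped to the policy's MIME types.
CONTENT_TYPES = {"PKCS#12": "application/x-pkcs12", "PEM": "application/x-pem-file"}
# Lifetime Action Type choices: automatic renewal or an e-mail reminder.
LIFETIME_ACTIONS = {"renew": "AutoRenew", "remind": "EmailContacts"}
DNS_NAME = re.compile(r"^(\*\.)?([a-z0-9]([a-z0-9-]{0,61}[a-z0-9])?\.)+[a-z]{2,63}$")
SERVER_AUTH_EKU = "1.3.6.1.5.5.7.3.1"  # TLS server authentication


def build_policy(issuer, common_name, dns_names=(), validity_months=12,
                 content_type="PKCS#12", lifetime_action="renew",
                 days_before_expiry=30, exportable=False):
    """Return a certificate policy dict mirroring the portal form fields."""
    # Pass the bare domain; the "CN=" prefix of the Subject field is added below.
    bad = [n for n in (common_name, *dns_names) if not DNS_NAME.match(n.lower())]
    if bad:
        raise ValueError(f"not a valid DNS name: {bad}")
    if content_type not in CONTENT_TYPES:
        raise ValueError("content type must be PKCS#12 or PEM")
    if lifetime_action not in LIFETIME_ACTIONS:
        raise ValueError("lifetime action must be 'renew' or 'remind'")
    if not 1 <= days_before_expiry < validity_months * 28:
        raise ValueError("lifetime trigger must fall inside the validity period")
    return {
        # Name given to the CA in the "Create a certificate authority" step.
        "issuerParameters": {"name": issuer},
        # exportable=True lets consumers retrieve the private key; enable only if needed.
        "keyProperties": {"keyType": "RSA", "keySize": 2048,
                          "exportable": exportable, "reuseKey": False},
        "secretProperties": {"contentType": CONTENT_TYPES[content_type]},
        "x509CertificateProperties": {
            "subject": f"CN={common_name}",
            "subjectAlternativeNames": {"dnsNames": list(dns_names)},
            "ekus": [SERVER_AUTH_EKU],
            "validityInMonths": validity_months,
        },
        "lifetimeActions": [{
            "action": {"actionType": LIFETIME_ACTIONS[lifetime_action]},
            "trigger": {"daysBeforeExpiry": days_before_expiry},
        }],
    }


if __name__ == "__main__":
    # Constructed sample values; "globalsign-mssl" is a hypothetical CA name.
    print(json.dumps(build_policy("globalsign-mssl", "example.com",
                                  ["www.example.com"]), indent=2))
```

Saved to a file, the output can be supplied to `az keyvault certificate create` through its `--policy @policy.json` argument instead of filling in the form by hand.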