I have successfully imported an digital signature certificate (which comes with a root certificate and a chain certificate) in my Azure KeyVault using the command "mport-AzureKeyVaultCertificate -VaultName $vaultName -Name $certificateName -FilePath". The certificate has been issued to me by a public Certificate Authority.
I tried to run the exact same command to import the root certificate and the chain certificate, but I am unable to.
My question is: is there a way at all too import the root and the intermediate certificates into the KeyVault? Or they need to be imported somewhere else?
Thanks
Concatenate your certificate, the CA bundle file and the private key file into a .pem file in the order:
cat <cert>.crt <bundle>.cabundle <private>.key > <full-cert>.pem
Use the Azure CLI 2.0 az tool to import into the key vault using:
az keyvault certificate import --vault-name <your-vault> --name <cert-name> --file <cert-file>.pem
You should find that the az tool creates three entries in your vault all with the name <cert-name> (i) a certificate containing the <cert>.crt file, (ii) the private key and (iii) a secret containing the full root + chain + private key which you can later download if needed.