Production Key Vault and Certificate

Owned by Agat Support
Last updated: Jun 05, 2023 by David Elkarat
2 min read

The key vault and certificate are required for webhook configuration.

 

How to add a certificate to Key-Vault https://docs.microsoft.com/en-us/azure/key-vault/certificates/quick-create-portal

Where is it configured?

  1. Login with to https://portal.azure.com

  2. In the search field type key vault and choose the relevant one

     

  3. Click on Certificates

     

  4. Click on the certificate (agatsaasagatsolutions in this example)

     

  5. Click on the current version

     

  6. Download the certificate in .cer format

     

  7. Go to “App Registration”

    1. Choose your app

    2. Click “Certificates & Secrets” - “Certificates” - “Upload”

  8. Upload the certificate you’ve downloaded from Key Vault

  9. https://agatsoftware.atlassian.net/wiki/spaces/SFTKB/pages/1258618946

  10. Go back to Key Vault certificate (section 6) and take the value from “Secret Identifier” until the level after “secret”. Example: https://agatkeyvaultproduction.vault.azure.net/secrets/agatsaasagatsolutions

  11. Copy this value to the AdminPortal config file (C:\Inetpub\AccessPortal\configuration) and CasbAdapter config file (C:\Agat\CasbAdapter\X\Configuration) in here: <add key="WebhookCertificateUrl" value="https://agatkeyvaultproduction.vault.azure.net/secrets/agatsaasagatsolutions" />

11. Save the files. Restart IIS and CasbAdapter service.

12. Look in CasbAdapter log for “Subscription” - need to see a successful creation of the subscription