Connect with a Client ID and Certificate
To configure a connection to Azure Key Vault with a client ID and certificate:
- Follow the same steps as in Generate the Client ID in the topic Connect to Key Vault with Client ID and Secret.
- Go to the Key Vault that was generated and select Certificates > Generate/Import.
  You have the option to generate a certificate outside the vault and import it here.
- Select Generate to generate a certificate.
- Enter the certificate details as shown below:
- In the example shown, a certificate 'test' is generated.
- Click on the certificate that is disabled and enable it.
- Click open the certificate and download it as shown:
  Download the certificate and copy it to the SSL folder: ~/privacera/privacera-manager/config/ssl/.
- Open the certificate, delete the private key, and save the public certificate as shown in this example:
- Upload the certificate to the Azure application that was created as follows:
- Go to the Key Vault that was created and click on Access Policies.
- Follow the instructions in Add Access Policy.
Note
The certificate path should be as it is shown in ranger/kms/install.properties and cannot be changed. Also, if you need a password for the certificate, add it in the .properties file. All fields in the .properties file are required and cannot be removed. Values can be none/dummy.
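For the step that deletes the private key from the downloaded certificate, the following added example (not part of the original page, and not Privacera or Azure code) does the same thing with a script instead of hand-editing, and refuses to write a result that still contains key material. It assumes the downloaded file is PEM text; `test.pem`, `test-public.pem` and the function names are hypothetical.

```shell
#!/bin/sh
# Added example. Assumes the downloaded file is PEM text holding a private
# key block plus one or more certificate blocks.

# extract_public_cert <in.pem> <out.pem>
# Status: 0 ok, 1 bad arguments or unreadable input, 2 no certificate found,
#         3 private key text would remain in the output.
# The body runs in a subshell, so "exit" only ends the function.
extract_public_cert() (
    in="$1"; out="$2"
    [ -n "$out" ] && [ -r "$in" ] || exit 1
    tmp="$(mktemp)" || exit 1

    # Keep only lines between BEGIN/END CERTIFICATE markers; key blocks,
    # bag attributes and any other text are dropped. CRs are stripped first
    # so files saved with Windows line endings still match the markers.
    tr -d '\r' < "$in" | awk '
        /^-----BEGIN CERTIFICATE-----$/ { keep = 1 }
        keep                            { print }
        /^-----END CERTIFICATE-----$/   { keep = 0 }
    ' > "$tmp"

    grep -q 'BEGIN CERTIFICATE' "$tmp" || { rm -f "$tmp"; exit 2; }
    # Refuse to write anything that still mentions a private key.
    if grep -q 'PRIVATE KEY' "$tmp"; then rm -f "$tmp"; exit 3; fi
    cat "$tmp" > "$out"
    rm -f "$tmp"
)

# Constructed sample: placeholder text, not a real key or certificate.
make_sample_pem() {
    cat > "$1" <<'EOF'
-----BEGIN PRIVATE KEY-----
CONSTRUCTEDPLACEHOLDERKEYDATA0000
-----END PRIVATE KEY-----
-----BEGIN CERTIFICATE-----
CONSTRUCTEDPLACEHOLDERCERTDATA000
-----END CERTIFICATE-----
EOF
}

# Demo on the constructed sample (hypothetical file names).
work="$(mktemp -d)"
make_sample_pem "$work/test.pem"
extract_public_cert "$work/test.pem" "$work/test-public.pem" &&
    echo "public certificate written to $work/test-public.pem"
```
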