[英]What is the best alternative to renew a certificate stored in Azure Key Vault?
I want to renew the certificate and update the certificate in AKS using kubectl commands.我想续订证书并使用 kubectl 命令更新 AKS 中的证书。 What is the best and easy way to do this?
最好和最简单的方法是什么?
I have used KQL query and have managed to create an alert based on certificate expiry.我使用了 KQL 查询并设法创建了基于证书到期的警报。 Now I want actions based on this alert.
现在我想根据这个警报采取行动。 I don't want to use Logic Apps or Event grid for this
我不想为此使用逻辑应用程序或事件网格
PowerShell is definitely the easiest way to do this. PowerShell 绝对是最简单的方法。 To add an existing cert to KeyVault you can use this script and modify to your needs.
要将现有证书添加到 KeyVault,您可以使用此脚本并根据需要进行修改。
$securePassword = ConvertTo-SecureString -String $certPassword -Force -AsPlainText
$cert = Import-AzKeyVaultCertificate -VaultName $keyVaultName -Name $certName -FilePath $certFilePath -Password $securePassword
This will create a new version of the cert with the same name in the key vault.这将在密钥保管库中创建具有相同名称的新版本证书。 As long as you don't reference the specific version when retrieving from KeyVault, it will return the latest.
只要您在从 KeyVault 检索时不引用特定版本,它就会返回最新版本。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.