Search code examples
sharepointazure-keyvaultcsr

Im trying to generate a CSR from our SharePoint page to a vendors website to pull information from them. Where am i supposed to generate the CSR from?

Is it supposed to be done in Azure since its SharePoint or is it in a different server. I have looked into Azure Key Vault but before proceeding need confirmation if this is correct. And if so how to go about generating it.

Solution

  • Please check if the below points are helpful:

    • For a simple way to create a CSR that works on any Microsoft server platform, you can use the DigiCert.Azure Key Vault partners with the following certificate authorities to simplify certificate creation. DigiCert, GlobalSign.( offers OV TLS/SSL certificates with DigiCert /GlobalSign)
    • Azure Key Vault supports storing digital certificates issued by any certificate authority (CA). It supports (CSR) with a private/public key pair.
    • If you are a Microsoft azure user you can create csr in keyvault.The thing we need to make sure is that the private key and resulting public key are a matching pair.( AFAIK CSR need not have to be generated on SharePoint. )
    • One of the biggest advantage of managing certificates through Key Vault is the Private Key of the certificate is never exposed outside the Key Vault Security World. reference

    The Private Key would be stored within Key Vault, and Public Key would be attached to CSR and submitted to the CA.

    During certificate Import, the Public Key (attached with the certificate) would be matched against the Private Key (stored within Key Vault) to complete the Key Pair.

    Steps to generate csr in azure keyvault :

    1. Sign into the Azure portal and select the key vault where you wish to install your certificate.
    2. Select Certificates in the right-hand Settings menu.
    3. Click the Generate/Import button to open the Create a certificate window.
    4. Enter or select the details in the Create a certificate form fields

    Select Certificate issued by a integrated CA / non- integrated CA and other fields Click the Create button to generate your new key pair and CSR.

    1. And check this blog / Creating and merging a certificate signing request in Azure Key Vault | Microsoft Docs for complete details of steps. enter image description here

    References:

    1. Get started with Key Vault certificates | Microsoft Docs
    2. Access SharePoint online content using Azure key vault certificate and Azure function app | Sundar’s blog (sundarcloud.com)