Replacing the Certificate for an Azure Key Vault Server

You can replace the certificate for a Microsoft Azure Key Vault server from the Command Center.

Before You Begin

Obtain a new certificate that establishes trust with the Key Vault. The key length of the certificate should be a minimum of 2,048 bits.

For more information about Key Vault certificates, go to Getting started with Key Vault certificates on the Microsoft Azure documentation website.

Procedure

1. From the CommCell Console ribbon, on the Home tab, click Control Panel.

   The Control Panel window appears.

2. Under Storage, click Key Management Servers.

   The Encryption Key Management Servers dialog box appears.

3. Select the Azure Key Vault server, and then click Edit.

   The Edit Azure Key Vault dialog box appears.

4. Enter the following information.

   • Certificate: Select the location of the certificate.

     For example, C:\Certificates\client.pfx

   • Certificate Thumbprint: Enter the thumbprint for the certificate.

   • Certificate Password: Enter the certificate password.

5. Click OK.

What to Do Next

To verify that the new certificate functions, perform a restore operation or an auxiliary copy operation on a storage policy copy that uses the Key Vault server.