Feature Request: ACA environment support referencing certificates in Azure Keyvault

[ivanthelad]

Is your feature request related to a problem? Please describe.
Today if a ACA user wants to use a custom certificate they need to manually upload the cert in the azure portal or cli. it would be preferable to reference a certificate in a centrally managed vault like Azure KEyvault Describe the solution you'd like.
Users have the option to reference a key vault certificate much like is possible in app services today https://learn.microsoft.com/en-us/azure/app-service/configure-ssl-certificate?tabs=apex#import-a-certificate-from-key-vault Describe alternatives you've considered.
no alternative available for bio certs https://github.com/microsoft/azure-container-apps/issues/888 +

[shrink0r]

Imho this feature is one of the missing parts to providing an overall smooth experience around ACA. Especially within a hub and spoke architecture where the same cert is used within the Application Gateway and ACA ingress. Are there any infos available on the timeline for this feature? At my current employer, which is a larger Microsoft customer, we are really looking forward to the availability of this feature.

[ivanthelad]

here's the roadmap item https://github.com/microsoft/azure-container-apps/issues/888

[ivanthelad]

This should also include auto-rotation

[ivanthelad]

there was a recent preview that allows you to import/upload certs from kv. but thats where it seems to end there, it does not update any reference or auto rotate. https://azure.microsoft.com/en-us/updates/public-preview-support-for-key-vault-certificates/