web
You’re offline. This is a read only version of the page.
close
Skip to main content

Notifications

Announcements

No record found.

News and Announcements icon
Community site session details

Community site session details

Session Id :
Dynamics 365 Community / Forums / Finance | Project Operations, Human Resources, ... / Upload PGP keys to Azu...
Finance | Project Operations, Human Resources, ...
Suggested Answer

Upload PGP keys to Azure key vault and use them in D365 F&O

(1) ShareShare
ReportReport
Posted on by PriyaDutta 349
Hi all,
 
I have generated PGP keys through pgptool.org. 
But while uploading to Azure key vault I am getting format issue. the pgp public and private key are in .asc file format. 
My question is:
1. How to upload them (convert to .pem file ) in Azure key vault. Using secret or key. 
2. After uploading to Key vault in azure portal, how to configure in F&O. 
 
FYI, I have created app registration and key vault . I have added Client id from app registration, key vault url and secret value also added. 
Need to add the PGP keys to both portal and FinOps.
 
I am trying Key vault for the first time. Please help.
 
 
Thanks,
Priya
 
 
I have the same question (0)
  • Martin Dráb Profile Picture
    Martin Dráb 237,976 Most Valuable Professional on at
    Please tell us you're upload the file to KeyVault and what exactly happened. "I am getting format issue" is too vague.
     
    The answer to "how to configure in F&O" depends what you want to do with it. Please remember that all we know about your requirements is what you told us, which is nothing so far. I think you should forget technical details for a moment and rather told us more about the business problem you're trying to address.

    (Moved from Dynamics AX forum.)
  • Suggested answer
    Anton Venter Profile Picture
    Anton Venter 20,346 Super User 2025 Season 2 on at
    It just so happens that I had to do exactly this a long time ago in 2018. What I learned was:
    • You have to store the PGP plain text key as a secret in the Key Vault.
    • The Key Vault "mangles" the PGP key text when retrieving it and I ended Base64 encoding the PGP key before adding it the Key Vault as a secret.
  • PriyaDutta Profile Picture
    PriyaDutta 349 on at
    I have created one key by generate option in Keys section in Key vault
     
    I have added key vault parameters by adding Key vault url, client id (from app registration ) , secret value .
    Tried adding the key by vault://[keyvaultname]/keyname/version.  
     
    On validating it. i am getting below error. 
     
     
     
  • PriyaDutta Profile Picture
    PriyaDutta 349 on at
    Hi Anton,
     
    I have few questions:
     
    1. Can I not generate key in Key vault itself ?
    2. If I generate keys through PGP tool, as there are 2 keys (Public and Private ) , both needs to be added as Secret in pain text format ?
    3. How do I convert them to plain text format ?
     
  • Anton Venter Profile Picture
    Anton Venter 20,346 Super User 2025 Season 2 on at
    Because you are trying to add a plain text PGP key (.asc file) as a key and it does not support PGP keys :-). But, like I said, you have to add it as a secret (type  secret). Read my first post on converting the key.
     
    I use https://gnupg.org/ software to create keys, there is a link for Windows software on the site.
  • PriyaDutta Profile Picture
    PriyaDutta 349 on at
    Hi Anton,
     
    Its working now as Secret. Thanks for your suggestion. The next part of the issue is how to use it in F&O. I have added Public key , private key and passpharse as Secret ,I am able to validate them in KeyvaultParameters but  they are in String format. How do I assign it to PGPPublicKey / PGPPrivateKey /PGPSecretKey type . 
    I do not have a local path as its taking from the Key vault. 
     
    Thanks ,
    Priya
  • Anton Venter Profile Picture
    Anton Venter 20,346 Super User 2025 Season 2 on at
    You are welcome. It depends on how you are going to use it with the PGP encryption/signing/decryption. The F&O, the Key vault tables/classes/configuration will return the PGP key values as a string which you can then use in F&O. I had some trouble when doing this because the enter characters (CRLF) in the text were removed/replaced when retrieving the text from Azure Key vault in F&O. I ended up replacing the enter characters before saving the PGP key to the Key vault and replacing them again when retrieveing the key. On top of that, I used Base64 encoding to save the key as secret in the Key vault.

Under review

Thank you for your reply! To ensure a great experience for everyone, your content is awaiting approval by our Community Managers. Please check back later.

Helpful resources

Quick Links

Responsible AI policies

As AI tools become more common, we’re introducing a Responsible AI Use…

Neeraj Kumar – Community Spotlight

We are honored to recognize Neeraj Kumar as our Community Spotlight honoree for…

Congratulations to the November Top 10 Community Leaders!

These are the community rock stars!

Leaderboard > Finance | Project Operations, Human Resources, AX, GP, SL

#1
André Arnaud de Calavon Profile Picture

André Arnaud de Cal... 456 Super User 2025 Season 2

#2
Martin Dráb Profile Picture

Martin Dráb 429 Most Valuable Professional

#3
BillurSamdancioglu Profile Picture

BillurSamdancioglu 239 Most Valuable Professional

Last 30 days Overall leaderboard

Featured topics

End-of-life Announcement for Microsoft Dynamics GP

Product updates

Dynamics 365 release plans