TenantEncryptionCert on VM created in Azure


TenantEncryptionCert certificates are used by the Azure VM Guest Agent (GA) and the extensions it runs.

You'll usually run into it when an extension uses Protected Settings (passwords, keys, connection strings). Those settings travel from the WireServer (the host-side endpoint the GA talks to) into the VM, and they must not be readable in transit or at rest in the goal state, so the platform encrypts them. The GA generates the TenantEncryptionCert key pair inside the VM and publishes the public part to the WireServer; the protected settings are encrypted to that certificate, and the GA decrypts them with the private key before handing them to the extension. The thumbprint of the certificate used is recorded alongside the encrypted blob (the protectedSettingsCertThumbprint field in the extension's runtime settings), which is how the agent knows which key to use.

The certificate is created and renewed automatically by the GA. In normal operation you don't need to manage it at all.

The GA checks for the presence of the certificate on startup and on update. If you delete it, or it's missing for any other reason, the GA simply creates a new one.

Note that the GA doesn't clean up expired certificates, so over time you can end up with a long list of TenantEncryptionCert entries in the certmgr console (Local Computer\Personal store). You can safely delete the expired ones. Leave the current, unexpired one alone: its private key is what decrypts the protected settings already pushed to the VM, and a replacement certificate can only decrypt settings encrypted after it was published. Also keep in mind that the private key lives in the machine store, so anyone with local admin on the VM can use it to read the protected settings; treat the VM's admin boundary as the secrecy boundary for those values.
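The following is an added example, not code from the original post: a PowerShell script (run elevated on the VM) that inventories the TenantEncryptionCert certificates in the machine store, cross-references their thumbprints against the protectedSettingsCertThumbprint values in the extension runtime settings files, and removes only certificates that are both expired and not referenced by any extension. The settings file location (C:\Packages\Plugins\...\RuntimeSettings\*.settings) and its JSON shape are assumptions based on the default Windows agent layout; adjust them if your VM differs.

```powershell
# Added example (not from the original post). Assumes the default Windows
# Guest Agent layout: extension runtime settings live under
# C:\Packages\Plugins\<Extension>\<Version>\RuntimeSettings\*.settings
# and carry runtimeSettings[].handlerSettings.protectedSettingsCertThumbprint.

$store = 'Cert:\LocalMachine\My'
$certs = Get-ChildItem $store | Where-Object { $_.Subject -eq 'CN=TenantEncryptionCert' }

if (-not $certs) {
    Write-Host "No TenantEncryptionCert certificates found in $store."
    return
}

# Collect thumbprints still referenced by extension settings (assumed path).
$referenced = @{}
Get-ChildItem 'C:\Packages\Plugins\*\*\RuntimeSettings\*.settings' -ErrorAction SilentlyContinue |
    ForEach-Object {
        try {
            $json = Get-Content -Path $_.FullName -Raw | ConvertFrom-Json
            foreach ($rs in $json.runtimeSettings) {
                $tp = $rs.handlerSettings.protectedSettingsCertThumbprint
                if ($tp) { $referenced[$tp.ToUpperInvariant()] = $_.FullName }
            }
        } catch {
            Write-Warning "Could not parse $($_.FullName): $_"
        }
    }

# Print an inventory: thumbprint, validity window, status, and who references it.
$now = Get-Date
foreach ($c in ($certs | Sort-Object NotAfter)) {
    $status = if ($c.NotAfter -lt $now) { 'EXPIRED' } else { 'valid' }
    $usedBy = if ($referenced.ContainsKey($c.Thumbprint)) { $referenced[$c.Thumbprint] } else { '-' }
    '{0}  {1:yyyy-MM-dd} -> {2:yyyy-MM-dd}  {3,-7}  {4}' -f `
        $c.Thumbprint, $c.NotBefore, $c.NotAfter, $status, $usedBy
}

# Remove only certificates that are expired AND not referenced by any extension.
# -WhatIf previews the deletions; drop it once the list looks right.
# -DeleteKey is a Certificate-provider parameter that also removes the private key.
$certs |
    Where-Object { $_.NotAfter -lt $now -and -not $referenced.ContainsKey($_.Thumbprint) } |
    Remove-Item -DeleteKey -WhatIf
```

The cross-reference step is the check worth keeping: an expired certificate that is still referenced by a settings file means an extension was configured before the current certificate existed, and deleting it removes the only key that can decrypt those settings. The -WhatIf run shows exactly which thumbprints would go; remove the switch only after reviewing that list.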

HTH