Merge pull request #2660 from msmbaldwin/placeholder-standardization-certificates

Standardize placeholders in key-vault/certificates

Author: prmerger-automator[bot]

articles/key-vault/certificates/create-certificate-scenarios.md

@@ -7,7 +7,7 @@ author: msmbaldwin
 ms.service: azure-key-vault
 ms.subservice: certificates
 ms.topic: how-to
-ms.date: 01/30/2026
+ms.date: 03/26/2026
 
 ms.author: mbaldwin
 
@@ -96,7 +96,7 @@ StatusCode: 200, ReasonPhrase: 'OK'
 {
   "id": “https://mykeyvault.vault.azure.net/certificates/mycert1/pending",
   "issuer": {
-    "name": "{issuer-name}"
+    "name": "mydigicert"
   },
   "csr": "MIICq......DD5Lp5cqXg==",
   "cancellation_requested": false,
@@ -128,7 +128,7 @@ StatusCode: 200, ReasonPhrase: 'OK'
 {
   "id": “https://mykeyvault.vault.azure.net/certificates/mycert1/pending",
   "issuer": {
-    "name": "{issuer-name}"
+    "name": "mydigicert"
   },
   "csr": "MIICq......DD5Lp5cqXg==",
   "cancellation_requested": false,
@@ -160,16 +160,16 @@ StatusCode: 200, ReasonPhrase: 'OK'
 {
   "id": “https://mykeyvault.vault.azure.net/certificates/mycert1/pending",
   "issuer": {
-    "name": "{issuer-name}"
+    "name": "mydigicert"
   },
   "csr": "MIICq......DD5Lp5cqXg==",
   "cancellation_requested": false,
   "status": "failed",
   "status_details": "",
   "request_id": "a76827a18b63421c917da80f28e9913d",
   "error": {
-    "code": "<errorcode>",
-    "message": "<message>"
+    "code": "Certificate issuer error",
+    "message": "The issuer encountered an error processing the certificate request."
   }
 }
 
@@ -310,7 +310,7 @@ StatusCode: 200, ReasonPhrase: 'OK'
 {
   "id": “https://mykeyvault.vault.azure.net/certificates/mycert1/pending",
   "issuer": {
-    "name": "{issuer-name}"
+    "name": "mydigicert"
   },
   "csr": "MIICq......DD5Lp5cqXg==",
   "cancellation_requested": true,
@@ -343,7 +343,7 @@ StatusCode: 200, ReasonPhrase: 'OK'
 {
   "id": “https://mykeyvault.vault.azure.net/certificates/mycert1/pending",
   "issuer": {
-    "name": "{issuer-name}"
+    "name": "mydigicert"
   },
   "csr": "MIICq......DD5Lp5cqXg==",
   "cancellation_requested": false,
@@ -410,7 +410,7 @@ Location: “https://mykeyvault.vault.azure.net/certificates/mycert1/pending?api
 
 |Element name|Required|Type|Version|Description|
 |------------------|--------------|----------|-------------|-----------------|
-|x5c|Yes|array|\<introducing version>|X509 certificate chain as base 64 string array.|
+|x5c|Yes|array|\<introducing-version>|X509 certificate chain as base 64 string array.|
 
 ### Response
 

articles/key-vault/certificates/create-certificate-signing-request.md

@@ -41,7 +41,7 @@ Follow these steps to add a certificate from CAs that aren't partnered with Key
 1. Select the **Generate/Import** tab.
 1. On the **Create a certificate** screen, choose the following values:
     - **Method of Certificate Creation**: Generate.
-    - **Certificate Name**: ContosoManualCSRCertificate.
+    - **Certificate Name**: A unique name for your certificate.
     - **Type of Certificate Authority (CA)**: Certificate issued by a non-integrated CA.
     - **Subject**: `"CN=www.contosoHRApp.com"`.
      > [!NOTE]
@@ -81,7 +81,7 @@ The certificate request has now been successfully merged.
 1. Create the CSR.
 
    ```azure-powershell
-   $csr = Add-AzKeyVaultCertificate -VaultName ContosoKV -Name ContosoManualCSRCertificate -CertificatePolicy $policy
+   $csr = Add-AzKeyVaultCertificate -VaultName "<vault-name>" -Name "<certificate-name>" -CertificatePolicy $policy
    $csr.CertificateSigningRequest
    ```
 
@@ -90,7 +90,7 @@ The certificate request has now been successfully merged.
 1. Merge the signed request in Key Vault. After the certificate request has been signed, you can merge it with the initial private/public key pair created in Azure Key Vault.
 
     ```azure-powershell-interactive
-    Import-AzKeyVaultCertificate -VaultName ContosoKV -Name ContosoManualCSRCertificate -FilePath C:\test\OutputCertificateFile.cer
+    Import-AzKeyVaultCertificate -VaultName "<vault-name>" -Name "<certificate-name>" -FilePath C:\test\OutputCertificateFile.cer
     ```
 
 The certificate request has now been successfully merged.

articles/key-vault/certificates/how-to-export-certificate.md

@@ -9,7 +9,7 @@ ms.service: azure-key-vault
 ms.subservice: certificates
 ms.topic: how-to
 ms.custom: mvc, sfi-image-nochange
-ms.date: 01/30/2026
+ms.date: 03/26/2026
 
 ms.author: mbaldwin
 #Customer intent: As a security admin who is new to Azure, I want to use Key Vault to securely store certificates in Azure.
@@ -77,12 +77,12 @@ For more information, see [parameter definitions](/cli/azure/keyvault/secret#az-
 
 # [PowerShell](#tab/azure-powershell)
 
-Use this command in Azure PowerShell to get the certificate named **TestCert01** from the key vault named **ContosoKV01**. To download the certificate as a PFX file, run following command. These commands access **SecretId**, and then save the content as a PFX file.
+Use this command in Azure PowerShell to get a certificate from your key vault. To download the certificate as a PFX file, run the following command. These commands access **SecretId**, and then save the content as a PFX file.
 
 ```azurepowershell
-$vaultName = '<YourVault>'
-$certificateName = '<YourCert>'
-$password = '<YourPwd>'
+$vaultName = '<vault-name>'
+$certificateName = '<certificate-name>'
+$password = '<password>'
 
 $pfxSecret = Get-AzKeyVaultSecret -VaultName $vaultName -Name $certificateName -AsPlainText
 $certBytes = [Convert]::FromBase64String($pfxSecret)

articles/key-vault/certificates/how-to-integrate-certificate-authority.md

@@ -111,17 +111,17 @@ You can use Azure PowerShell to create and manage Azure resources by using comma
 1.  Create an Azure resource group by using [New-AzResourceGroup](/powershell/module/az.resources/new-azresourcegroup). A resource group is a logical container into which Azure resources are deployed and managed. 
 
     ```azurepowershell-interactive
-    New-AzResourceGroup -Name ContosoResourceGroup -Location EastUS
+    New-AzResourceGroup -Name "<resource-group>" -Location "<location>"
     ```
 
-2. Create a key vault that has a unique name. Here, `Contoso-Vaultname` is the name for the key vault.
+2. Create a key vault that has a unique name.
 
-   - **Vault name**: `Contoso-Vaultname`
-   - **Resource group name**: `ContosoResourceGroup`
-   - **Location**: `EastUS`
+   - **Vault name**: A unique name for your vault
+   - **Resource group name**: The resource group from step 1
+   - **Location**: Your preferred location
 
     ```azurepowershell-interactive
-    New-AzKeyVault -Name 'Contoso-Vaultname' -ResourceGroupName 'ContosoResourceGroup' -Location 'EastUS' -EnableRbacAuthorization $true
+    New-AzKeyVault -Name "<vault-name>" -ResourceGroupName "<resource-group>" -Location "<location>" -EnableRbacAuthorization $true
    ```
 
 3. Define variables for the following values from your DigiCert CertCentral account:
@@ -138,14 +138,14 @@ You can use Azure PowerShell to create and manage Azure resources by using comma
 
 4. Set the issuer. Doing so will add Digicert as a certificate authority in the key vault. [Learn more about the parameters.](/powershell/module/az.keyvault/Set-AzKeyVaultCertificateIssuer)
    ```azurepowershell-interactive
-   Set-AzKeyVaultCertificateIssuer -VaultName "Contoso-Vaultname" -Name "TestIssuer01" -IssuerProvider DigiCert -AccountId $accountId -ApiKey $secureApiKey -OrganizationDetails $org -PassThru
+   Set-AzKeyVaultCertificateIssuer -VaultName "<vault-name>" -Name "TestIssuer01" -IssuerProvider DigiCert -AccountId $accountId -ApiKey $secureApiKey -OrganizationDetails $org -PassThru
    ```
 
 5. Set the policy for the certificate and issuing certificate from DigiCert directly in Key Vault:
 
    ```azurepowershell-interactive
-   $Policy = New-AzKeyVaultCertificatePolicy -SecretContentType "application/x-pkcs12" -SubjectName "CN=contoso.com" -IssuerName "TestIssuer01" -ValidityInMonths 12 -RenewAtNumberOfDaysBeforeExpiry 60
-   Add-AzKeyVaultCertificate -VaultName "Contoso-Vaultname" -Name "ExampleCertificate" -CertificatePolicy $Policy
+   $Policy = New-AzKeyVaultCertificatePolicy -SecretContentType "application/x-pkcs12" -SubjectName "CN=<domain-name>" -IssuerName "TestIssuer01" -ValidityInMonths 12 -RenewAtNumberOfDaysBeforeExpiry 60
+   Add-AzKeyVaultCertificate -VaultName "<vault-name>" -Name "ExampleCertificate" -CertificatePolicy $Policy
    ```
 
 The certificate is now issued by DigiCert certificate authority in the specified key vault.

articles/key-vault/certificates/overview-renew-certificate.md

@@ -7,7 +7,7 @@ author: msmbaldwin
 ms.service: azure-key-vault
 ms.subservice: certificates
 ms.topic: overview
-ms.date: 04/14/2025
+ms.date: 03/26/2026
 
 ms.author: mbaldwin
 ---
@@ -61,7 +61,7 @@ To renew a nonintegrated CA certificate:
 1. On the certificate pane, select **New Version**.
 3. On the **Create a certificate** page, make sure the **Generate** option is selected under **Method of Certificate Creation**.
 4. Verify the **Subject** and other details about the certificate and then select **Create**.
-5. You should now see the message **The creation of certificate << certificate name >> is currently pending. Click here to go its Certificate Operation to monitor the progress**
+5. You should now see the message **The creation of certificate `<certificate-name>` is currently pending. Click here to go its Certificate Operation to monitor the progress**
 1. Select on the message and a new pane should be shown. The pane should show the status as "In Progress". At this point, Key Vault has generated a CSR that you can download using the **Download CSR** option.
 1. Select **Download CSR** to download a CSR file to your local drive.
 1. Send the CSR to your choice of CA to sign the request.
@@ -73,29 +73,29 @@ To renew a nonintegrated CA certificate:
 Use the Azure CLI [az keyvault certificate create](/cli/azure/keyvault/certificate#az-keyvault-certificate-create) command, providing the name of the certificate you wish to renew:
 
 ```azurecli-interactive
-az keyvault certificate create --vault-name "<your-unique-keyvault-name>" -n "<name-of-certificate-to-renew>" -p "$(az keyvault certificate get-default-policy)"
+az keyvault certificate create --vault-name "<vault-name>" -n "<certificate-name>" -p "$(az keyvault certificate get-default-policy)"
 ```
 
 After renewing the certificate, you can view all the versions of the certificate using the Azure CLI [az keyvault certificate list-versions](/cli/azure/keyvault/certificate#az-keyvault-certificate-list) command:
 
 ```azurecli-interactive
-az keyvault certificate list-versions --vault-name "<your-unique-keyvault-name>" -n "<name-of-renewed-certificate>"
+az keyvault certificate list-versions --vault-name "<vault-name>" -n "<certificate-name>"
 ```
 
 # [Azure PowerShell](#tab/azure-powershell)
 
 Use the Azure PowerShell [New-AzKeyVaultCertificatePolicy](/powershell/module/az.keyvault/new-azkeyvaultcertificatepolicy) cmdlet, providing the name of the certificate you wish to renew:
 
 ```azurepowershell-interactive
-$Policy = New-AzKeyVaultCertificatePolicy -SecretContentType "application/x-pkcs12" -SubjectName "CN=contoso.com" -IssuerName "Self" -ValidityInMonths 6 -ReuseKeyOnRenewal
+$Policy = New-AzKeyVaultCertificatePolicy -SecretContentType "application/x-pkcs12" -SubjectName "CN=<domain-name>" -IssuerName "Self" -ValidityInMonths 6 -ReuseKeyOnRenewal
 
-Add-AzKeyVaultCertificate -VaultName "<your-unique-keyvault-name>" -Name "<name-of-certificate-to-renew>" -CertificatePolicy $Policy
+Add-AzKeyVaultCertificate -VaultName "<vault-name>" -Name "<certificate-name>" -CertificatePolicy $Policy
 ```
 
 After renewing the certificate, you can view all the versions of the certificate using the Azure PowerShell [Get-AzKeyVaultCertificate](/cli/azure/keyvault/certificate#az-keyvault-certificate-list) cmdlet:
 
 ```azurepowershell-interactive
-Get-AzKeyVaultCertificate "<your-unique-keyvault-name>" -Name "<name-of-renewed-certificate>" -IncludeVersions
+Get-AzKeyVaultCertificate "<vault-name>" -Name "<certificate-name>" -IncludeVersions
 ```
 
 ---

articles/key-vault/certificates/quick-create-cli.md

@@ -6,7 +6,7 @@ ms.service: azure-key-vault
 ms.subservice: certificates
 ms.topic: quickstart
 ms.custom: mvc, devx-track-azurecli, mode-api
-ms.date: 01/30/2026
+ms.date: 03/26/2026
 
 ms.author: mbaldwin
 #Customer intent: As a security admin who is new to Azure, I want to use Key Vault to securely store keys and passwords in Azure
@@ -40,16 +40,16 @@ To add a certificate to the vault, you just need to take a couple of additional
 Type the commands below to create a self-signed certificate with default policy called **ExampleCertificate** :
 
 ```azurecli
-az keyvault certificate create --vault-name "<your-unique-keyvault-name>" -n ExampleCertificate -p "$(az keyvault certificate get-default-policy)"
+az keyvault certificate create --vault-name "<vault-name>" -n ExampleCertificate -p "$(az keyvault certificate get-default-policy)"
 ```
 
-You can now reference this certificate that you added to Azure Key Vault by using its URI. Use **`https://<your-unique-keyvault-name>.vault.azure.net/certificates/ExampleCertificate`** to get the current version. 
+You can now reference this certificate that you added to Azure Key Vault by using its URI. Use **`https://<vault-name>.vault.azure.net/certificates/ExampleCertificate`** to get the current version. 
 
 To view previously stored certificate:
 
 ```azurecli
 
-az keyvault certificate show --name "ExampleCertificate" --vault-name "<your-unique-keyvault-name>"
+az keyvault certificate show --name "ExampleCertificate" --vault-name "<vault-name>"
 ```
 
 Now, you have created a Key Vault, stored a certificate, and retrieved it.

articles/key-vault/certificates/quick-create-go.md

@@ -3,7 +3,7 @@ title: Quickstart – Azure Key Vault Go client library - Manage certificates
 description: Learn how to create, retrieve, and delete certificates from an Azure key vault using the Go client library
 author: Duffney
 ms.author: jduffney
-ms.date: 01/30/2026
+ms.date: 03/26/2026
 ms.service: azure-key-vault
 ms.subservice: certificates
 ms.topic: quickstart
@@ -191,13 +191,13 @@ Before you run the code, create an environment variable named `KEY_VAULT_NAME`.
 # [Bash](#tab/bash)
 
 ```bash
-export KEY_VAULT_NAME=<YourKeyVaultName>
+export KEY_VAULT_NAME=<vault-name>
 ```
 
 # [PowerShell](#tab/powershell)
 
 ```powershell
-$env:KEY_VAULT_NAME=<YourKeyVaultName>
+$env:KEY_VAULT_NAME=<vault-name>
 ```
 
 ---
@@ -217,7 +217,7 @@ For more examples, see the [module documentation](https://aka.ms/azsdk/go/keyvau
 Run the following command to delete the resource group and all its remaining resources:
 
 ```azurecli
-az group delete --resource-group myResourceGroup
+az group delete --resource-group <resource-group>
 ```
 
 ## Next steps

articles/key-vault/certificates/quick-create-java.md

@@ -4,7 +4,7 @@ description: Learn about the Azure Key Vault Certificate client library for Java
 author: msmbaldwin
 ms.custom: devx-track-java, devx-track-azurecli, devx-track-azurepowershell, mode-api, passwordless-java, devx-track-extended-java
 ms.author: mbaldwin
-ms.date: 01/30/2026
+ms.date: 03/26/2026
 
 ms.service: azure-key-vault
 ms.subservice: certificates
@@ -129,19 +129,19 @@ This application is using your key vault name as an environment variable called
 Windows
 
 ```cmd
-set KEY_VAULT_NAME=<your-key-vault-name>
+set KEY_VAULT_NAME=<vault-name>
 ````
 
 Windows PowerShell
 
 ```powershell
-$Env:KEY_VAULT_NAME="<your-key-vault-name>"
+$Env:KEY_VAULT_NAME="<vault-name>"
 ```
 
 macOS or Linux
 
 ```cmd
-export KEY_VAULT_NAME=<your-key-vault-name>
+export KEY_VAULT_NAME=<vault-name>
 ```
 
 ## Object model
@@ -175,7 +175,7 @@ Application requests to most Azure services must be authorized. Using the [Defau
 
 In this quickstart, `DefaultAzureCredential` authenticates to key vault using the credentials of the local development user logged into the Azure CLI. When the application is deployed to Azure, the same `DefaultAzureCredential` code can automatically discover and use a managed identity that is assigned to an App Service, Virtual Machine, or other services. For more information, see [Managed Identity Overview](/entra/identity/managed-identities-azure-resources/overview).
 
-In this example, the name of your key vault is expanded to the key vault URI, in the format `https://<your-key-vault-name>.vault.azure.net`. For more information about authenticating to key vault, see [Developer's Guide](/azure/key-vault/general/developers-guide#authenticate-to-key-vault-in-code).
+In this example, the name of your key vault is expanded to the key vault URI, in the format `https://<vault-name>.vault.azure.net`. For more information about authenticating to key vault, see [Developer's Guide](/azure/key-vault/general/developers-guide#authenticate-to-key-vault-in-code).
 
 ```java
 String keyVaultName = System.getenv("KEY_VAULT_NAME");
@@ -229,11 +229,11 @@ deletionPoller.waitForCompletion();
 When no longer needed, you can use the Azure CLI or Azure PowerShell to remove your key vault and the corresponding resource group.
 
 ```azurecli
-az group delete -g "myResourceGroup"
+az group delete -g "<resource-group>"
 ```
 
 ```azurepowershell
-Remove-AzResourceGroup -Name "myResourceGroup"
+Remove-AzResourceGroup -Name "<resource-group>"
 ```
 
 ## Sample code

articles/key-vault/certificates/quick-create-net.md

@@ -3,7 +3,7 @@ title: Quickstart - Azure Key Vault certificates client library for .NET
 description: Learn how to create, retrieve, and delete certificates from an Azure key vault using the .NET client library
 author: msmbaldwin
 ms.author: mbaldwin
-ms.date: 01/30/2026
+ms.date: 03/26/2026
 
 ms.service: azure-key-vault
 ms.subservice: certificates
@@ -98,16 +98,16 @@ The application obtains the key vault name from an environment variable called `
 
 Windows
 ```cmd
-set KEY_VAULT_NAME=<your-key-vault-name>
+set KEY_VAULT_NAME=<vault-name>
 ````
 Windows PowerShell
 ```powershell
-$Env:KEY_VAULT_NAME="<your-key-vault-name>"
+$Env:KEY_VAULT_NAME="<vault-name>"
 ```
 
 macOS or Linux
 ```bash
-export KEY_VAULT_NAME=<your-key-vault-name>
+export KEY_VAULT_NAME=<vault-name>
 ```
 
 ## Object model
@@ -132,7 +132,7 @@ Application requests to most Azure services must be authorized. Using the [Defau
 
 In this quickstart, `DefaultAzureCredential` authenticates to key vault using the credentials of the local development user logged into the Azure CLI. When the application is deployed to Azure, the same `DefaultAzureCredential` code can automatically discover and use a managed identity that is assigned to an App Service, Virtual Machine, or other services. For more information, see [Managed Identity Overview](/entra/identity/managed-identities-azure-resources/overview).
 
-In this example, the name of your key vault is expanded to the key vault URI, in the format `https://<your-key-vault-name>.vault.azure.net`. For more information about authenticating to key vault, see [Developer's Guide](/azure/key-vault/general/developers-guide#authenticate-to-key-vault-in-code).
+In this example, the name of your key vault is expanded to the key vault URI, in the format `https://<vault-name>.vault.azure.net`. For more information about authenticating to key vault, see [Developer's Guide](/azure/key-vault/general/developers-guide#authenticate-to-key-vault-in-code).
 
 ```csharp
 string keyVaultName = Environment.GetEnvironmentVariable("KEY_VAULT_NAME");