private async Task <List <X509Certificate2> > GetAllCertificateVersions(string keyVaultUrl, string certificateName) { List <X509Certificate2> certificates = new List <X509Certificate2>(); KeyVaultClient client = KeyVaultSettings.GetClient(_keyVaultSettings.ClientId, _keyVaultSettings.ClientSecret); // Get the first page of certificates IPage <CertificateItem> certificateItemsPage = await client.GetCertificateVersionsAsync(keyVaultUrl, certificateName); while (true) { foreach (var certificateItem in certificateItemsPage) { // Ignore disabled or expired certificates if (certificateItem.Attributes.Enabled == true && (certificateItem.Attributes.Expires == null || certificateItem.Attributes.Expires > DateTime.UtcNow)) { CertificateBundle certificateVersionBundle = await client.GetCertificateAsync(certificateItem.Identifier.Identifier); SecretBundle certificatePrivateKeySecretBundle = await client.GetSecretAsync(certificateVersionBundle.SecretIdentifier.Identifier); byte[] privateKeyBytes = Convert.FromBase64String(certificatePrivateKeySecretBundle.Value); X509Certificate2 certificateWithPrivateKey = new X509Certificate2(privateKeyBytes); certificates.Add(certificateWithPrivateKey); } } if (certificateItemsPage.NextPageLink == null) { break; } certificateItemsPage = await client.GetCertificateVersionsNextAsync(certificateItemsPage.NextPageLink); } return(certificates); }
private async Task <List <X509Certificate2> > GetAllCertificateVersions() { var keyVaultClient = new KeyVaultClient(_azureKeyVaultAuthentication.KeyVaultClientAuthenticationCallback); var certificates = new List <X509Certificate2>(); // Get the first page of certificates var certificateItemsPage = await keyVaultClient.GetCertificateVersionsAsync(_keyVaultOptions.KeyVaultUrl, _keyVaultOptions.KeyIdentifier); while (true) { foreach (var certificateItem in certificateItemsPage) { // Ignored disabled or expired certificates if (certificateItem.Attributes.Enabled == true && (certificateItem.Attributes.Expires == null || certificateItem.Attributes.Expires > DateTime.UtcNow)) { var certificateVersionBundle = await keyVaultClient.GetCertificateAsync(certificateItem.Identifier.Identifier); var certificatePrivateKeySecretBundle = await keyVaultClient.GetSecretAsync(certificateVersionBundle.SecretIdentifier.Identifier); var privateKeyBytes = Convert.FromBase64String(certificatePrivateKeySecretBundle.Value); var certificateWithPrivateKey = new X509Certificate2(privateKeyBytes, (string)null, X509KeyStorageFlags.MachineKeySet); certificates.Add(certificateWithPrivateKey); } } if (certificateItemsPage.NextPageLink == null) { break; } else { // Get the next page certificateItemsPage = await keyVaultClient.GetCertificateVersionsNextAsync(certificateItemsPage.NextPageLink); } } return(certificates); }
/// <summary> /// List the versions of a certificate /// </summary> /// <param name="certificateName"> certificate name</param> private static void ListCertificateVersions(string certificateName) { var vaultAddress = inputValidator.GetVaultAddress(); certificateName = (certificateName == string.Empty) ? inputValidator.GetKeyId() : certificateName; var numKeyVersions = 0; var maxResults = 1; Console.Out.WriteLine("List certificate versions:---------------"); var results = keyVaultClient.GetCertificateVersionsAsync(vaultAddress, certificateName, maxResults).GetAwaiter().GetResult(); if (results != null) { numKeyVersions += results.Count(); foreach (var m in results) { Console.Out.WriteLine("\t{0}-{1}", m.Identifier.Name, m.Identifier.Version); } } while (results != null && !string.IsNullOrWhiteSpace(results.NextPageLink)) { results = keyVaultClient.GetCertificateVersionsNextAsync(results.NextPageLink).GetAwaiter().GetResult(); if (results != null && results != null) { numKeyVersions += results.Count(); foreach (var m in results) { Console.Out.WriteLine("\t{0}-{1}", m.Identifier.Name, m.Identifier.Version); } } } Console.Out.WriteLine("\n\tNumber of versions of certificate {0} in the vault: {1}", certificateName, numKeyVersions); }