public async Task VerifyUpdateCertificate() { string certName = Recording.GenerateId(); CertificateOperation operation = await Client.StartCreateCertificateAsync(certName); RegisterForCleanup(certName); CertificateWithPolicy original = await WaitForCompletion(operation); CertificateProperties originalProperties = original.Properties; Assert.IsTrue(originalProperties.Enabled); Assert.IsEmpty(originalProperties.Tags); IDictionary <string, string> expTags = new Dictionary <string, string>() { { "key1", "value1" } }; originalProperties.Tags.Add("key1", "value1"); Certificate updated = await Client.UpdateCertificatePropertiesAsync(originalProperties); Assert.IsTrue(updated.Properties.Enabled); CollectionAssert.AreEqual(expTags, updated.Properties.Tags); originalProperties.Enabled = false; originalProperties.Tags.Clear(); updated = await Client.UpdateCertificatePropertiesAsync(originalProperties); Assert.IsFalse(updated.Properties.Enabled); CollectionAssert.AreEqual(expTags, updated.Properties.Tags); }
public async Task VerifyCertificateGetWithPolicyInProgress() { string certName = Recording.GenerateId(); CertificatePolicy certificatePolicy = Client.CreateDefaultPolicy(); certificatePolicy.IssuerName = "UNKNOWN"; await Client.StartCreateCertificateAsync(certName); RegisterForCleanup(certName); CertificateWithPolicy certificateWithPolicy = await Client.GetCertificateWithPolicyAsync(certName); Assert.NotNull(certificateWithPolicy); Assert.AreEqual(certificateWithPolicy.Name, certName); Assert.NotNull(certificateWithPolicy.Properties.Version); Certificate certificate = await Client.GetCertificateAsync(certName, certificateWithPolicy.Properties.Version); Assert.NotNull(certificate); Assert.AreEqual(certificate.Name, certName); }
public async Task VerifyUpdateCertificate() { string certName = Recording.GenerateId(); CertificateOperation operation = await Client.StartCreateCertificateAsync(certName); RegisterForCleanup(certName); CertificateWithPolicy original = await WaitForCompletion(operation); IDictionary <string, string> expTags = new Dictionary <string, string>() { { "key1", "value1" } }; Certificate updated = await Client.UpdateCertificateAsync(certName, original.Version, tags : expTags); Assert.IsNull(original.Tags); CollectionAssert.AreEqual(expTags, updated.Tags); updated = await Client.UpdateCertificateAsync(certName, original.Version, enabled : false); Assert.IsFalse(updated.Enabled); }
public void HelloWorldSync() { // Environment variable with the Key Vault endpoint. string keyVaultUrl = Environment.GetEnvironmentVariable("AZURE_KEYVAULT_URL"); // Instantiate a certificate client that will be used to call the service. Notice that the client is using // default Azure credentials. To make default credentials work, ensure that environment variables 'AZURE_CLIENT_ID', // 'AZURE_CLIENT_KEY' and 'AZURE_TENANT_ID' are set with the service principal credentials. var client = new CertificateClient(new Uri(keyVaultUrl), new DefaultAzureCredential()); // Let's create a self signed certifiate using the default policy. If the certificiate // already exists in the Key Vault, then a new version of the key is created. string certName = $"defaultCert-{Guid.NewGuid()}"; CertificateOperation certOp = client.StartCreateCertificate(certName); // Next let's wait on the certificate operation to complete. Note that certificate creation can last an indeterministic // amount of time, so applications should only wait on the operation to complete in the case the issuance time is well // known and within the scope of the application lifetime. In this case we are creating a self-signed certificate which // should be issued in a relatively short amount of time. while (!certOp.HasCompleted) { certOp.UpdateStatus(); Thread.Sleep(certOp.PollingInterval); } // Let's get the created certificate along with it's policy from the Key Vault. CertificateWithPolicy certificate = client.GetCertificateWithPolicy(certName); Debug.WriteLine($"Certificate was returned with name {certificate.Name} which expires {certificate.Properties.Expires}"); // We find that the certificate has been compromised and we want to disable it so applications will no longer be able // to access the compromised version of the certificate. Certificate updatedCert = client.UpdateCertificate(certName, certificate.Version, enabled: false); Debug.WriteLine($"Certificate enabled set to '{updatedCert.Properties.Enabled}'"); // We need to create a new version of the certificate that applications can use to replace the compromised certificate. // Creating a certificate with the same name and policy as the compromised certificate will create another version of the // certificate with similar properties to the original certificate CertificateOperation newCertOp = client.StartCreateCertificate(certificate.Name, certificate.Policy); while (!newCertOp.HasCompleted) { newCertOp.UpdateStatus(); Thread.Sleep(newCertOp.PollingInterval); } // The certificate is no longer needed, need to delete it from the Key Vault. client.DeleteCertificate(certName); // To ensure certificate is deleted on server side. Assert.IsTrue(WaitForDeletedCertificate(client, certName)); // If the keyvault is soft-delete enabled, then for permanent deletion, deleted certificate needs to be purged. client.PurgeDeletedCertificate(certName); }
public async Task RetrieveCertificateAsync() { #region Snippet:RetrieveCertificate CertificateWithPolicy certificateWithPolicy = await client.GetCertificateAsync("MyCertificate"); #endregion #region Snippet:GetCertificate Certificate certificate = await client.GetCertificateVersionAsync(certificateWithPolicy.Name, certificateWithPolicy.Properties.Version); #endregion }
public async Task NotFoundAsync() { #region Snippet:CertificateNotFound try { CertificateWithPolicy certificateWithPolicy = await client.GetCertificateAsync("SomeCertificate"); } catch (RequestFailedException ex) { Console.WriteLine(ex.ToString()); } #endregion }
public async Task VerifyCertificateCreateDefaultPolicy() { string certName = Recording.GenerateId(); CertificateOperation operation = await Client.StartCreateCertificateAsync(certName); RegisterForCleanup(certName); CertificateWithPolicy certificate = await WaitForCompletion(operation); Assert.NotNull(certificate); Assert.AreEqual(certificate.Name, certName); }
public async Task UpdateCertificateAsync() { CertificateWithPolicy certificate = await client.GetCertificateAsync("MyCertificate"); #region Snippet:UpdateCertificate CertificateProperties certificateProperties = new CertificateProperties(certificate.Id) { Tags = { ["key1"] = "value1" } }; Certificate updated = await client.UpdateCertificatePropertiesAsync(certificateProperties); #endregion }
public async Task CreateClientAsync() { // Environment variable with the Key Vault endpoint. string keyVaultUrl = Environment.GetEnvironmentVariable("AZURE_KEYVAULT_URL"); #region Snippet:CreateCertificateClient // Create a new certificate client using the default credential from Azure.Identity using environment variables previously set, // including AZURE_CLIENT_ID, AZURE_CLIENT_SECRET, and AZURE_TENANT_ID. var client = new CertificateClient(vaultUri: new Uri(keyVaultUrl), credential: new DefaultAzureCredential()); #endregion #region Snippet:CreateCertificate // Create a certificate. This starts a long running operation to create and sign the certificate. CertificateOperation operation = await client.StartCreateCertificateAsync("MyCertificate"); // You can await the completion of the create certificate operation. CertificateWithPolicy certificate = await operation.WaitForCompletionAsync(); #endregion this.client = client; }
public async Task VerifyDeleteRecoverPurge() { string certName = Recording.GenerateId(); CertificateOperation operation = await Client.StartCreateCertificateAsync(certName); CertificateWithPolicy original = await WaitForCompletion(operation); Assert.NotNull(original); DeletedCertificate deletedCert = await Client.DeleteCertificateAsync(certName); Assert.IsNotNull(deletedCert); Assert.IsNotNull(deletedCert.RecoveryId); await WaitForDeletedCertificate(certName); _ = await Client.RecoverDeletedCertificateAsync(certName); Assert.NotNull(original); await PollForCertificate(certName); deletedCert = await Client.DeleteCertificateAsync(certName); Assert.IsNotNull(deletedCert); Assert.IsNotNull(deletedCert.RecoveryId); await WaitForDeletedCertificate(certName); await Client.PurgeDeletedCertificateAsync(certName); await WaitForPurgedCertificate(certName); }
public async Task VerifyGetCertificateCompleted() { string certName = Recording.GenerateId(); CertificateOperation operation = await Client.StartCreateCertificateAsync(certName); RegisterForCleanup(certName); await WaitForCompletion(operation); CertificateWithPolicy certificateWithPolicy = await Client.GetCertificateWithPolicyAsync(certName); Assert.NotNull(certificateWithPolicy); Assert.AreEqual(certificateWithPolicy.Name, certName); Assert.NotNull(certificateWithPolicy.Properties.Version); Certificate certificate = await Client.GetCertificateAsync(certName, certificateWithPolicy.Properties.Version); Assert.NotNull(certificate); Assert.AreEqual(certificate.Name, certName); }