public async Task VerifyImportCertificatePemWithoutIssuer() { string certificateName = Recording.GenerateId(); byte[] certificateBytes = Encoding.ASCII.GetBytes(PemCertificateWithV3Extensions); #region Snippet:CertificateClientLiveTests_VerifyImportCertificatePem #if SNIPPET byte[] certificateBytes = File.ReadAllBytes("certificate.pem"); #endif ImportCertificateOptions options = new ImportCertificateOptions(certificateName, certificateBytes) { Policy = new CertificatePolicy { ContentType = CertificateContentType.Pem } }; #endregion KeyVaultCertificateWithPolicy cert = await Client.ImportCertificateAsync(options); RegisterForCleanup(certificateName); certificateBytes = Convert.FromBase64String(CertificateWithV3ExtensionsBase64); CollectionAssert.AreEqual(certificateBytes, cert.Cer); Assert.AreEqual("CN=Azure SDK", cert.Policy.Subject); Assert.AreEqual("*****@*****.**", cert.Policy.SubjectAlternativeNames?.Emails?[0]); }
public async Task ImportPemCertificateAsync() { // Environment variable with the Key Vault endpoint. string keyVaultUrl = TestEnvironment.KeyVaultUrl; CertificateClient client = new CertificateClient(new Uri(keyVaultUrl), new DefaultAzureCredential()); string name = $"cert-{Guid.NewGuid()}"; //@@ byte[] pem = File.ReadAllBytes("certificate.cer"); /*@@*/ byte[] pem = Encoding.ASCII.GetBytes(s_pem); ImportCertificateOptions importOptions = new ImportCertificateOptions(name, pem) { Policy = new CertificatePolicy(WellKnownIssuerNames.Self, "CN=contoso.com") { // Required when the certificate bytes are a PEM-formatted certificate. ContentType = CertificateContentType.Pem, // Optionally mark the private key exportable. Exportable = true } }; await client.ImportCertificateAsync(importOptions); DeleteCertificateOperation operation = await client.StartDeleteCertificateAsync(name); // To ensure certificates are deleted on server side. // You only need to wait for completion if you want to purge or recover the certificate. await operation.WaitForCompletionAsync(); client.PurgeDeletedCertificate(name); }
public async Task Save(CertificateInfo certificateInfo) { var client = await GetClient(); var importOptions = new ImportCertificateOptions( _options.CertificateName, await File.ReadAllBytesAsync(certificateInfo.CacheFile.FullName)); importOptions.Password = certificateInfo.CacheFilePassword; try { _ = await client.ImportCertificateAsync(importOptions); certificateInfo.StoreInfo.Add( GetType(), new StoreInfo() { Path = _options.VaultName, Name = _options.CertificateName }); } catch (Exception ex) { _log.Error(ex, "Error importing certificate to KeyVault"); } }
public async Task SaveAsync(X509Certificate2 certificate, CancellationToken cancellationToken) { var domainName = certificate.GetNameInfo(X509NameType.DnsName, false); _logger.LogInformation("Saving certificate for {Domain} in Azure KeyVault.", domainName); if (!(await ShouldImportVersionAsync(domainName, certificate, cancellationToken))) { _logger.LogInformation("Certificate for {Domain} is already up-to-date in Azure KeyVault. Skipping importing.", domainName); return; } var exported = certificate.Export(X509ContentType.Pfx); var options = new ImportCertificateOptions(NormalizeHostName(domainName), exported); try { await _client.ImportCertificateAsync(options, cancellationToken); _logger.LogInformation("Imported certificate into Azure KeyVault for {Domain}", domainName); } catch (RequestFailedException ex) { _logger.LogWarning(ex, "Failed to save {Domain} certificate to Azure KeyVault", domainName); } }
public async Task ImportPfxCertificateAsync() { // Environment variable with the Key Vault endpoint. string keyVaultUrl = TestEnvironment.KeyVaultUrl; CertificateClient client = new CertificateClient(new Uri(keyVaultUrl), new DefaultAzureCredential()); string name = $"cert-{Guid.NewGuid()}"; //@@ byte[] pfx = File.ReadAllBytes("certificate.pfx"); /*@@*/ byte[] pfx = Convert.FromBase64String(s_pfxBase64); ImportCertificateOptions importOptions = new ImportCertificateOptions(name, pfx) { Policy = new CertificatePolicy(WellKnownIssuerNames.Self, "CN=contoso.com") { // Required when setting a policy; if no policy required, Pfx is assumed. ContentType = CertificateContentType.Pkcs12, // Optionally mark the private key exportable. Exportable = true } }; await client.ImportCertificateAsync(importOptions); DeleteCertificateOperation operation = await client.StartDeleteCertificateAsync(name); // To ensure certificates are deleted on server side. // You only need to wait for completion if you want to purge or recover the certificate. await operation.WaitForCompletionAsync(); client.PurgeDeletedCertificate(name); }
/// <summary> /// Deploy current cert to Azure Key Vault /// </summary> /// <param name="log"></param> /// <param name="managedCert"></param> /// <param name="settings"></param> /// <param name="credentials"></param> /// <param name="isPreviewOnly"></param> /// <returns></returns> public async Task <List <ActionResult> > Execute(DeploymentTaskExecutionParams execParams) { var definition = GetDefinition(execParams.Definition); var results = await Validate(execParams); if (results.Any()) { return(results); } var managedCert = ManagedCertificate.GetManagedCertificate(execParams.Subject); if (string.IsNullOrEmpty(managedCert.CertificatePath)) { results.Add(new ActionResult("No certificate to deploy.", false)); return(results); } var keyVaultUri = new Uri(execParams.Settings.Parameters.FirstOrDefault(c => c.Key == "vault_uri")?.Value); var pfxData = File.ReadAllBytes(managedCert.CertificatePath); // from application user details in Azure AD var cred = new ClientSecretCredential(execParams.Credentials["tenantid"], execParams.Credentials["clientid"], execParams.Credentials["secret"]); var client = new CertificateClient(keyVaultUri, cred); var customName = execParams.Settings.Parameters.FirstOrDefault(c => c.Key == "cert_name")?.Value; var certName = GetStringAsKeyVaultName(customName ?? managedCert.Name); var importOptions = new ImportCertificateOptions(certName, pfxData); try { await client.ImportCertificateAsync(importOptions); execParams.Log.Information($"Deployed certificate [{certName}] to Azure Key Vault"); results.Add(new ActionResult("Certificate Deployed to Azure Key Vault", true)); } catch (AuthenticationFailedException exp) { execParams.Log.Error($"Azure Authentiation error: {exp.InnerException?.Message ?? exp.Message}"); results.Add(new ActionResult("Key Vault Deployment Failed", false)); } catch (Exception exp) { execParams.Log.Error($"Failed to deploy certificate [{certName}] to Azure Key Vault :{exp}"); results.Add(new ActionResult("Key Vault Deployment Failed", false)); } return(results); }
public async Task UploadCertificateAsync(string name, Uri keyVaultUri, byte[] pfxCertificate, string pfxPassword) { var client = new CertificateClient(keyVaultUri, azureCredential); var importOptions = new ImportCertificateOptions(name, pfxCertificate) { Password = pfxPassword, Enabled = true }; logger.LogInformation("Upload the certificate to KeyVault: KeyVault={keyVaultUri}, Name={certName}", keyVaultUri, name); await client.ImportCertificateAsync(importOptions); }
private async Task <KeyVaultCertificateWithPolicy> ImportCertificateAsync( byte[] certificate, string password, CancellationToken cancellationToken) { var options = new ImportCertificateOptions(_certificateName, certificate) { Password = password, Enabled = true }; var result = await _certificateClient.ImportCertificateAsync(options, cancellationToken); return(result.Value); }
public void ImportPfxCertificateSync() { // Environment variable with the Key Vault endpoint. string keyVaultUrl = TestEnvironment.KeyVaultUrl; #region Snippet:CertificatesSample3CertificateClient CertificateClient client = new CertificateClient(new Uri(keyVaultUrl), new DefaultAzureCredential()); #endregion #region Snippet:CertificatesSample3ImportPfxCertificate string name = $"cert-{Guid.NewGuid()}"; #if SNIPPET byte[] pfx = File.ReadAllBytes("certificate.pfx"); #else byte[] pfx = Convert.FromBase64String(s_pfxBase64); #endif ImportCertificateOptions importOptions = new ImportCertificateOptions(name, pfx) { Policy = new CertificatePolicy(WellKnownIssuerNames.Self, "CN=contoso.com") { // Required when setting a policy; if no policy required, Pfx is assumed. ContentType = CertificateContentType.Pkcs12, // Optionally mark the private key exportable. Exportable = true } }; client.ImportCertificate(importOptions); #endregion DeleteCertificateOperation operation = client.StartDeleteCertificate(name); // To ensure certificates are deleted on server side. // You only need to wait for completion if you want to purge or recover the certificate. while (!operation.HasCompleted) { Thread.Sleep(2000); operation.UpdateStatus(); } client.PurgeDeletedCertificate(name); }
public async Task VerifyImportCertificatePfx() { string caCertificateName = Recording.GenerateId(); byte[] caCertificateBytes = Convert.FromBase64String(CaKeyPairPkcs12Base64); ImportCertificateOptions options = new ImportCertificateOptions(caCertificateName, caCertificateBytes) { Policy = new CertificatePolicy(WellKnownIssuerNames.Self, "CN=Azure SDK") { ContentType = CertificateContentType.Pkcs12, }, }; KeyVaultCertificateWithPolicy cert = await Client.ImportCertificateAsync(options); RegisterForCleanup(caCertificateName); byte[] pubBytes = Convert.FromBase64String(CaPublicKeyBase64); CollectionAssert.AreEqual(pubBytes, cert.Cer); }
public async Task <string> ImportCertificateAsync([ActivityTrigger] AddCertificateRequestRecord record, ILogger log) { log.LogInformation($"Creating certificate for {record.Hostname}"); var certificateName = record.Hostname.Replace("*", "wildcard").Replace(".", "-"); var certificate = record.Certificate .Replace("-----BEGIN CERTIFICATE-----", "") .Replace("-----END CERTIFICATE-----", ""); var privateKey = record.PrivateKey .Replace("-----BEGIN PRIVATE KEY-----", "") .Replace("-----END PRIVATE KEY-----", ""); var certificateByteArray = Encoding.ASCII.GetBytes(certificate); var x509Certificate = new X509Certificate2(certificateByteArray); using RSA rsa = RSA.Create(); var privateKeyByteArray = Convert.FromBase64String(privateKey); if (record.Password == null) { rsa.ImportPkcs8PrivateKey(new ReadOnlySpan <byte>(privateKeyByteArray), out _); } else { rsa.ImportEncryptedPkcs8PrivateKey(record.Password, new ReadOnlySpan <byte>(privateKeyByteArray), out _); } var x509CertificateWithPrivateKey = x509Certificate.CopyWithPrivateKey(rsa); // Import certificate with the new Certificate Client var options = new ImportCertificateOptions(certificateName, x509CertificateWithPrivateKey.Export(X509ContentType.Pfx)) { Password = record.Password }; options.Tags.Add("Hostname", record.Hostname); var cert = await _certificateClient.ImportCertificateAsync(options); return(cert.Value.SecretId.AbsoluteUri); }
public async Task VerifyImportCertificatePem() { string certificateName = Recording.GenerateId(); byte[] certificateBytes = Encoding.ASCII.GetBytes(PemCertificateWithV3Extensions); ImportCertificateOptions options = new ImportCertificateOptions(certificateName, certificateBytes) { Policy = new CertificatePolicy(WellKnownIssuerNames.Self, "CN=Azure SDK") { ContentType = CertificateContentType.Pem, }, }; KeyVaultCertificateWithPolicy cert = await Client.ImportCertificateAsync(options); RegisterForCleanup(certificateName); certificateBytes = Convert.FromBase64String(CertificateWithV3ExtensionsBase64); CollectionAssert.AreEqual(certificateBytes, cert.Cer); Assert.AreEqual("CN=Azure SDK", cert.Policy.Subject); Assert.AreEqual("*****@*****.**", cert.Policy.SubjectAlternativeNames?.Emails?[0]); }
public async Task VerifyImportCertificatePem() { const string pem = "-----BEGIN CERTIFICATE-----\n" + "MIIDqzCCApMCFC+MROpib4t03Wqzgkcod1lad6JtMA0GCSqGSIb3DQEBCwUAMIGR\n" + "MQswCQYDVQQGEwJVUzELMAkGA1UECAwCV0ExEDAOBgNVBAcMB1JlZG1vbmQxEjAQ\n" + "BgNVBAoMCU1pY3Jvc29mdDESMBAGA1UECwwJQXp1cmUgU0RLMRIwEAYDVQQDDAlB\n" + "enVyZSBTREsxJzAlBgkqhkiG9w0BCQEWGG9wZW5zb3VyY2VAbWljcm9zb2Z0LmNv\n" + "bTAeFw0yMDAyMTQyMzE3MTZaFw0yNTAyMTIyMzE3MTZaMIGRMQswCQYDVQQGEwJV\n" + "UzELMAkGA1UECAwCV0ExEDAOBgNVBAcMB1JlZG1vbmQxEjAQBgNVBAoMCU1pY3Jv\n" + "c29mdDESMBAGA1UECwwJQXp1cmUgU0RLMRIwEAYDVQQDDAlBenVyZSBTREsxJzAl\n" + "BgkqhkiG9w0BCQEWGG9wZW5zb3VyY2VAbWljcm9zb2Z0LmNvbTCCASIwDQYJKoZI\n" + "hvcNAQEBBQADggEPADCCAQoCggEBANwCTuK0OnFc8UytzzCIB5pUWqWCMZA8kWO1\n" + "Es84wOVupPTZHNDWKI57prj0CB5JP2yU8BkIFjhkV/9wc2KLjKwu7xaJTwBZF/i0\n" + "t8dPBbgiEUmK6xdbJsLXoef/XZ5AmvCKb0mimEMvL8KgeF5OHuZJuYO0zCiRNVtp\n" + "ZYSx2R73qhgy5klDHh346qQd5T+KbsdK3DArilT86QO1GrpBWl1GPvHJ3VZ1OO33\n" + "iFWfyEVgwdAtMAkWXH8Eh1/MpPE8WQk5X5pdVEu+RJLLrVbgr+cnlVzfirSVLRar\n" + "KZROAB3e2x8JdSqylnar/WWK11NERdiKaZr3WxAkceuVkTsKmRkCAwEAATANBgkq\n" + "hkiG9w0BAQsFAAOCAQEAYLfk2dBcW1mJbkVYx80ogDUy/xX3d+uuop2gZwUXuzWY\n" + "I4uXzSEsY37/+NKzOX6PtET3X6xENDW7AuJhTuWmTGZtPB1AjiVKLIgRwugV3Ovr\n" + "1DoPBIvS7iCHGGcsr7tAgYxiVATlIcczCxQG1KPhrrLSUDxkbiyUHpyroExHGBeC\n" + "UflT2BIO+TZ+44aYfO7vuwpu0ajfB6Rs0s/DM+uUTWCfsVvyPenObHz5HF2vxf75\n" + "y8pr3fYKuUvpJ45T0ZjiXyRpkBTDudU3vuYuyAP3PwO6F/ic7Rm9D1uzEI38Va+o\n" + "6CUh4NJnpIZIBs7T+rPwhKrUuM7BEO0CL7VTh37UzA==\n" + "-----END CERTIFICATE-----\n" + "-----BEGIN PRIVATE KEY-----\n" + "MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQDcAk7itDpxXPFM\n" + "rc8wiAeaVFqlgjGQPJFjtRLPOMDlbqT02RzQ1iiOe6a49AgeST9slPAZCBY4ZFf/\n" + "cHNii4ysLu8WiU8AWRf4tLfHTwW4IhFJiusXWybC16Hn/12eQJrwim9JophDLy/C\n" + "oHheTh7mSbmDtMwokTVbaWWEsdke96oYMuZJQx4d+OqkHeU/im7HStwwK4pU/OkD\n" + "tRq6QVpdRj7xyd1WdTjt94hVn8hFYMHQLTAJFlx/BIdfzKTxPFkJOV+aXVRLvkSS\n" + "y61W4K/nJ5Vc34q0lS0WqymUTgAd3tsfCXUqspZ2q/1litdTREXYimma91sQJHHr\n" + "lZE7CpkZAgMBAAECggEAMRfSwoO1BtbWgWXHdezkxWtNTuFebfEWAEnHiLYBVTD7\n" + "XieUZoVjR2gQK/VIWnm9zVzutqc3Th4WBMny9WpuWX2fnEfHeSxoTPcGi1L207/G\n" + "W8LD8tJEM/YqCrrRCR8hc8twSd4eW9+LqMJmGaUVAA4zd1BAvkyou10pahLFgEMZ\n" + "nlYxOzz0KrniNIdQxhwfaXZYUzX5ooJYtgY74vnSOHQhepRt5HY9B7iZ6jm/3ulA\n" + "aJnfNbQ8YDYTS0R+OGv8RXU/jLCm5+TPwx0XFwZ6vRtWwWUUxhLV77Re9GP1xIx9\n" + "VnYm9W3RyOm/KD9keQMTWKT0bLGB8fC6kj2mvbjgAQKBgQDzh5sy7q9RA+GqprC8\n" + "8aUmkaTMXNahPPPJoLOflJ/+QlOt6YZUIn55vmicVsvFzr9hbxdTW7aQS91iAu05\n" + "swEyltsR0my7FXsHZnN4SBct2FimAzMLTWQr10vLLRoSR5CNpUdoXGWFOAa3LKrZ\n" + "aPJEM1hA3h2XDfZ7Gtxjg4ypIQKBgQDnRl9pGwd83MkoxT4CiZvNbvdBg4lXlHcA\n" + "JoZ9OfoOey+7WRsOFsMvQapXf+JlvixP0ldECXZyxifswvfmiR2oqYTeRbITderg\n" + "mwjDjN571Ui0ls5HwCBE+/iZoNmQI5INAPqsQMXwW0rx4YNXHblsJ0qT+3yFNWOF\n" + "m6STMH8Y+QKBgFai8JivB1nICrleMdQWF43gFIPLp2OXPpeFf0GPa1fWGtTtFifK\n" + "WbpP/gFYc4f8pGMyVVcHcqxlAO5EYka7ovpvZqIxfRMVcj5QuVWaN/zMUcVFsBwe\n" + "PTvHjSRL+FF2ejuaCAxdipRZOTJjRqivyDhxF72EB3zcr8pd5PfWLe1hAoGASJRO\n" + "JvcDj4zeWDwmLLewvHTBhb7Y4DJIcjSk6jHCpr7ECQB6vB4qnO73nUQV8aYP0/EH\n" + "z+NEV9qV9vhswd1wAFlKyFKJAxBzaI9e3becrrINghb9n4jM17lXmCbhgBmZoRkY\n" + "kew18itERspl5HYAlc9y2SQIPOm3VNu2dza1/EkCgYEAlTMyL6arbtJJsygzVn8l\n" + "gKHuURwp1cxf6hUuXKJ56xI/I1OZjMidZM0bYSznmK9SGNxlfNbIV8vNhQfiwR6t\n" + "HyGypSRP+h9MS9E66boXyINaOClZqiCn0pI9aiIpl3D6EbT6e7+zKljT0XmZJduK\n" + "BkRGMfUngiT8oVyaMtZWYPM=\n" + "-----END PRIVATE KEY-----\n"; string caCertificateName = Recording.GenerateId(); byte[] caCertificateBytes = Encoding.ASCII.GetBytes(pem); ImportCertificateOptions options = new ImportCertificateOptions(caCertificateName, caCertificateBytes) { Policy = new CertificatePolicy(WellKnownIssuerNames.Self, "CN=Azure SDK") { ContentType = CertificateContentType.Pem, }, }; KeyVaultCertificateWithPolicy cert = await Client.ImportCertificateAsync(options); RegisterForCleanup(caCertificateName); byte[] pubBytes = Convert.FromBase64String(CaPublicKeyBase64); CollectionAssert.AreEqual(pubBytes, cert.Cer); }
private async Task MigrationGuide() { #region Snippet:Azure_Security_KeyVault_Certificates_Snippets_MigrationGuide_Create CertificateClient client = new CertificateClient( new Uri("https://myvault.vault.azure.net"), new DefaultAzureCredential()); #endregion Snippet:Azure_Security_KeyVault_Certificates_Snippets_MigrationGuide_Create #region Snippet:Azure_Security_KeyVault_Certificates_Snippets_MigrationGuide_CreateWithOptions using (HttpClient httpClient = new HttpClient()) { CertificateClientOptions options = new CertificateClientOptions { Transport = new HttpClientTransport(httpClient) }; //@@CertificateClient client = new CertificateClient( /*@@*/ CertificateClient _ = new CertificateClient( new Uri("https://myvault.vault.azure.net"), new DefaultAzureCredential(), options); } #endregion Snippet:Azure_Security_KeyVault_Certificates_Snippets_MigrationGuide_CreateWithOptions #region Snippet:Azure_Security_KeyVault_Certificates_Snippets_MigrationGuide_CreateCustomPolicy CertificatePolicy policy = new CertificatePolicy("issuer-name", "CN=customdomain.com") { ContentType = CertificateContentType.Pkcs12, KeyType = CertificateKeyType.Rsa, ReuseKey = true, KeyUsage = { CertificateKeyUsage.CrlSign, CertificateKeyUsage.DataEncipherment, CertificateKeyUsage.DigitalSignature, CertificateKeyUsage.KeyEncipherment, CertificateKeyUsage.KeyAgreement, CertificateKeyUsage.KeyCertSign }, ValidityInMonths = 12, LifetimeActions = { new LifetimeAction(CertificatePolicyAction.AutoRenew) { DaysBeforeExpiry = 90, } } }; #endregion Snippet:Azure_Security_KeyVault_Certificates_Snippets_MigrationGuide_CreateSelfSignedPolicy #region Snippet:Azure_Security_KeyVault_Certificates_Snippets_MigrationGuide_CreateSelfSignedPolicy //@@CertificatePolicy policy = CertificatePolicy.Default; /*@@*/ policy = CertificatePolicy.Default; #endregion Snippet:Azure_Security_KeyVault_Certificates_Snippets_MigrationGuide_CreateSelfSignedPolicy { #region Snippet:Azure_Security_KeyVault_Certificates_Snippets_MigrationGuide_CreateCertificate // Start certificate creation. // Depending on the policy and your business process, this could even take days for manual signing. CertificateOperation createOperation = await client.StartCreateCertificateAsync("certificate-name", policy); KeyVaultCertificateWithPolicy certificate = await createOperation.WaitForCompletionAsync(TimeSpan.FromSeconds(20), CancellationToken.None); // If you need to restart the application you can recreate the operation and continue awaiting. createOperation = new CertificateOperation(client, "certificate-name"); certificate = await createOperation.WaitForCompletionAsync(TimeSpan.FromSeconds(20), CancellationToken.None); #endregion Snippet:Azure_Security_KeyVault_Certificates_Snippets_MigrationGuide_CreateCertificate } { #region Snippet:Azure_Security_KeyVault_Certificates_Snippets_MigrationGuide_ImportCertificate byte[] cer = File.ReadAllBytes("certificate.pfx"); ImportCertificateOptions importCertificateOptions = new ImportCertificateOptions("certificate-name", cer) { Policy = policy }; KeyVaultCertificateWithPolicy certificate = await client.ImportCertificateAsync(importCertificateOptions); #endregion Snippet:Azure_Security_KeyVault_Certificates_Snippets_MigrationGuide_ImportCertificate } { #region Snippet:Azure_Security_KeyVault_Certificates_Snippets_MigrationGuide_ListCertificates // List all certificates asynchronously. await foreach (CertificateProperties item in client.GetPropertiesOfCertificatesAsync()) { KeyVaultCertificateWithPolicy certificate = await client.GetCertificateAsync(item.Name); } // List all certificates synchronously. foreach (CertificateProperties item in client.GetPropertiesOfCertificates()) { KeyVaultCertificateWithPolicy certificate = client.GetCertificate(item.Name); } #endregion Snippet:Azure_Security_KeyVault_Certificates_Snippets_MigrationGuide_ListCertificates } { #region Snippet:Azure_Security_KeyVault_Certificates_Snippets_MigrationGuide_DeleteCertificate // Delete the certificate. DeleteCertificateOperation deleteOperation = await client.StartDeleteCertificateAsync("certificate-name"); // Purge or recover the deleted certificate if soft delete is enabled. if (deleteOperation.Value.RecoveryId != null) { // Deleting a certificate does not happen immediately. Wait for the certificate to be deleted. DeletedCertificate deletedCertificate = await deleteOperation.WaitForCompletionAsync(); // Purge the deleted certificate. await client.PurgeDeletedCertificateAsync(deletedCertificate.Name); // You can also recover the deleted certificate using StartRecoverDeletedCertificateAsync, // which returns RecoverDeletedCertificateOperation you can await like DeleteCertificateOperation above. } #endregion Snippet:Azure_Security_KeyVault_Certificates_Snippets_MigrationGuide_DeleteCertificate } }
public async Task StorePfxCertificateAsync(string identifier, byte[] pfx) { var import = new ImportCertificateOptions(identifier, pfx); await certClient.ImportCertificateAsync(import); }