private async Task <List <X509Certificate2> > GetAllCertificateVersions(string keyVaultUrl, string certificateName)
{
List <X509Certificate2> certificates = new List <X509Certificate2>();
KeyVaultClient client = KeyVaultSettings.GetClient(_keyVaultSettings.ClientId, _keyVaultSettings.ClientSecret);
// Get the first page of certificates
IPage <CertificateItem> certificateItemsPage = await client.GetCertificateVersionsAsync(keyVaultUrl, certificateName);
while (true)
{
foreach (var certificateItem in certificateItemsPage)
{
// Ignore disabled or expired certificates
if (certificateItem.Attributes.Enabled == true &&
(certificateItem.Attributes.Expires == null ||
certificateItem.Attributes.Expires > DateTime.UtcNow))
{
CertificateBundle certificateVersionBundle =
await client.GetCertificateAsync(certificateItem.Identifier.Identifier);
SecretBundle certificatePrivateKeySecretBundle =
await client.GetSecretAsync(certificateVersionBundle.SecretIdentifier.Identifier);
byte[] privateKeyBytes = Convert.FromBase64String(certificatePrivateKeySecretBundle.Value);
X509Certificate2 certificateWithPrivateKey = new X509Certificate2(privateKeyBytes);
certificates.Add(certificateWithPrivateKey);
}
}
if (certificateItemsPage.NextPageLink == null)
{
break;
}
certificateItemsPage = await client.GetCertificateVersionsNextAsync(certificateItemsPage.NextPageLink);
}
return(certificates);
}
private async Task <List <X509Certificate2> > GetAllCertificateVersions()
{
var keyVaultClient = new KeyVaultClient(_azureKeyVaultAuthentication.KeyVaultClientAuthenticationCallback);
var certificates = new List <X509Certificate2>();
// Get the first page of certificates
var certificateItemsPage = await keyVaultClient.GetCertificateVersionsAsync(_keyVaultOptions.KeyVaultUrl, _keyVaultOptions.KeyIdentifier);
while (true)
{
foreach (var certificateItem in certificateItemsPage)
{
// Ignored disabled or expired certificates
if (certificateItem.Attributes.Enabled == true &&
(certificateItem.Attributes.Expires == null || certificateItem.Attributes.Expires > DateTime.UtcNow))
{
var certificateVersionBundle = await keyVaultClient.GetCertificateAsync(certificateItem.Identifier.Identifier);
var certificatePrivateKeySecretBundle = await keyVaultClient.GetSecretAsync(certificateVersionBundle.SecretIdentifier.Identifier);
var privateKeyBytes = Convert.FromBase64String(certificatePrivateKeySecretBundle.Value);
var certificateWithPrivateKey = new X509Certificate2(privateKeyBytes, (string)null, X509KeyStorageFlags.MachineKeySet);
certificates.Add(certificateWithPrivateKey);
}
}
if (certificateItemsPage.NextPageLink == null)
{
break;
}
else
{
// Get the next page
certificateItemsPage = await keyVaultClient.GetCertificateVersionsNextAsync(certificateItemsPage.NextPageLink);
}
}
return(certificates);
}
/// <summary>
/// List the versions of a certificate
/// </summary>
/// <param name="certificateName"> certificate name</param>
private static void ListCertificateVersions(string certificateName)
{
var vaultAddress = inputValidator.GetVaultAddress();
certificateName = (certificateName == string.Empty) ? inputValidator.GetKeyId() : certificateName;
var numKeyVersions = 0;
var maxResults = 1;
Console.Out.WriteLine("List certificate versions:---------------");
var results = keyVaultClient.GetCertificateVersionsAsync(vaultAddress, certificateName, maxResults).GetAwaiter().GetResult();
if (results != null)
{
numKeyVersions += results.Count();
foreach (var m in results)
{
Console.Out.WriteLine("\t{0}-{1}", m.Identifier.Name, m.Identifier.Version);
}
}
while (results != null && !string.IsNullOrWhiteSpace(results.NextPageLink))
{
results = keyVaultClient.GetCertificateVersionsNextAsync(results.NextPageLink).GetAwaiter().GetResult();
if (results != null && results != null)
{
numKeyVersions += results.Count();
foreach (var m in results)
{
Console.Out.WriteLine("\t{0}-{1}", m.Identifier.Name, m.Identifier.Version);
}
}
}
Console.Out.WriteLine("\n\tNumber of versions of certificate {0} in the vault: {1}", certificateName, numKeyVersions);
}
