async def recover_deleted_certificate(self, name: str,
**kwargs: "**Any") -> Certificate:
"""Recovers the deleted certificate back to its current version under
/certificates.
Performs the reversal of the Delete operation. THe operation is applicable
in vaults enabled for soft-delete, and must be issued during the retention
interval (available in the deleted certificate's attributes). This operation
requires the certificates/recover permission.
:param str name: The name of the deleted certificate
:return: The recovered certificate
:rtype: ~azure.keyvault.certificates.models.Certificate
:raises: :class:`~azure.core.exceptions.HttpResponseError`
Example:
.. literalinclude:: ../tests/test_examples_certificates_async.py
:start-after: [START recover_deleted_certificate]
:end-before: [END recover_deleted_certificate]
:language: python
:caption: Recover a deleted certificate
:dedent: 8
"""
bundle = await self._client.recover_deleted_certificate(
vault_base_url=self.vault_endpoint,
certificate_name=name,
**kwargs)
return Certificate._from_certificate_bundle(certificate_bundle=bundle)
async def restore_certificate(self, backup: bytes,
**kwargs: "**Any") -> Certificate:
"""Restores a backed up certificate to a vault.
Restores a backed up certificate, and all its versions, to a vault.
this operation requires the certificates/restore permission.
:param bytes backup: The backup blob associated with a certificate bundle.
:return: The restored Certificate
:rtype: ~azure.keyvault.certificates.models.Certificate
:raises: :class:`~azure.core.exceptions.HttpResponseError`
Example:
.. literalinclude:: ../tests/test_examples_certificates_async.py
:start-after: [START restore_certificate]
:end-before: [END restore_certificate]
:language: python
:caption: Restore a certificate backup
:dedent: 8
"""
bundle = await self._client.restore_certificate(
vault_base_url=self.vault_endpoint,
certificate_bundle_backup=backup,
**kwargs)
return Certificate._from_certificate_bundle(certificate_bundle=bundle)
async def get_certificate(self, name: str, version: str,
**kwargs: "**Any") -> Certificate:
"""Gets a certificate by version without returning it's management policy.
If you wish to not specify a version or to get the certificate's policy as well,
use the get_certificate_with_policy function.
:param str name: The name of the certificate in the given vault.
:param str version: The version of the certificate.
:returns: An instance of Certificate
:rtype: ~azure.keyvault.certificates.models.Certificate
:raises:
:class:`~azure.core.exceptions.ResourceNotFoundError` if the certificate doesn't exist,
:class:`~azure.core.exceptions.HttpResponseError` for other errors
Example:
.. literalinclude:: ../tests/test_examples_certificates_async.py
:start-after: [START get_certificate]
:end-before: [END get_certificate]
:language: python
:caption: Get a certificate
:dedent: 8
"""
bundle = await self._client.get_certificate(
vault_base_url=self.vault_endpoint,
certificate_name=name,
certificate_version=version,
error_map=_error_map,
**kwargs)
return Certificate._from_certificate_bundle(certificate_bundle=bundle)
async def get_certificate_with_policy(self, name: str,
**kwargs: "**Any") -> Certificate:
"""Gets a certificate and returns it's management policy as well.
This operation requires the certificates/get permission. Does not accept the
version of the certificate as a parameter. If you wish to specify version, use
the get_certificate function and specify version.
:param str name: The name of the certificate in the given vault.
:returns: An instance of Certificate
:rtype: ~azure.keyvault.certificates.models.Certificate
:raises:
:class:`~azure.core.exceptions.ResourceNotFoundError` if the certificate doesn't exist,
:class:`~azure.core.exceptions.HttpResponseError` for other errors
Example:
.. literalinclude:: ../tests/test_examples_certificates_async.py
:start-after: [START get_certificate]
:end-before: [END get_certificate]
:language: python
:caption: Get a certificate
:dedent: 8
"""
bundle = await self._client.get_certificate(
vault_base_url=self.vault_url,
certificate_name=name,
certificate_version="",
error_map=error_map,
**kwargs)
return Certificate._from_certificate_bundle(certificate_bundle=bundle)
async def merge_certificate(self, name: str, x509_certificates: List[bytearray], **kwargs: "**Any") -> Certificate:
"""Merges a certificate or a certificate chain with a key pair existing on the server.
Performs the merging of a certificate or certificate chain with a key pair currently
available in the service. This operation requires the certificates/create permission.
Make sure when creating the certificate to merge using create_certificate that you set
it's issuer to 'Unknown'. This way Key Vault knows that the certificate will not be signed
by an issuer known to it.
:param str name: The name of the certificate
:param x509_certificates: The certificate or the certificate chain to merge.
:type x509_certificates: list[bytearray]
:return: The merged certificate operation
:rtype: ~azure.keyvault.certificates.models.CertificateOperation
:raises: :class:`~azure.core.exceptions.HttpResponseError`
Keyword arguments
- *enabled (bool)* - Determines whether the object is enabled.
- *tags (dict[str, str])* - Application specific metadata in the form of key-value pairs.
"""
enabled = kwargs.pop("enabled", None)
if enabled is not None:
attributes = self._client.models.CertificateAttributes(enabled=enabled)
else:
attributes = None
bundle = await self._client.merge_certificate(
vault_base_url=self.vault_endpoint,
certificate_name=name,
x509_certificates=x509_certificates,
certificate_attributes=attributes,
**kwargs
)
return Certificate._from_certificate_bundle(certificate_bundle=bundle)
async def import_certificate(
self,
name: str,
certificate_bytes: bytes,
password: Optional[str] = None,
policy: Optional[CertificatePolicy] = None,
enabled: Optional[bool] = None,
tags: Optional[Dict[str, str]] = None,
**kwargs: "**Any"
) -> Certificate:
"""Imports a certificate into a specified key vault.
Imports an existing valid certificate, containing a private key, into
Azure Key Vault. The certificate to be imported can be in either PFX or
PEM format. If the certificate is in PEM format the PEM file must
contain the key as well as x509 certificates. This operation requires
the certificates/import permission.
:param str name: The name of the certificate.
:param bytes certificate_bytes: Bytes of the certificate object to import.
This certificate needs to contain the private key.
:param str password: If the private key in the passed in certificate is encrypted,
it is the password used for encryption.
:param policy: The management policy for the certificate.
:type policy:
~azure.keyvault.certificates.models.CertificatePolicy
:param bool enabled: Determines whether the object is enabled.
:param tags: Application specific metadata in the form of key-value pairs.
:type tags: dict[str, str]
:returns: The imported Certificate
:rtype: ~azure.keyvault.certificates.models.Certificate
:raises: :class:`~azure.core.exceptions.HttpResponseError`
"""
if enabled is not None:
attributes = self._client.models.CertificateAttributes(
enabled=enabled
)
else:
attributes = None
base64_encoded_certificate = base64.b64encode(certificate_bytes).decode("utf-8")
bundle = await self._client.import_certificate(
vault_base_url=self.vault_url,
certificate_name=name,
base64_encoded_certificate=base64_encoded_certificate,
password=password,
certificate_policy=CertificatePolicy._to_certificate_policy_bundle(policy),
certificate_attributes=attributes,
tags=tags,
**kwargs
)
return Certificate._from_certificate_bundle(certificate_bundle=bundle)
async def update_certificate_properties(
self,
name: str,
version: Optional[str] = None,
enabled: Optional[bool] = None,
tags: Optional[Dict[str, str]] = None,
**kwargs: "**Any"
) -> Certificate:
"""Updates the specified attributes associated with the given certificate.
The UpdateCertificate operation applies the specified update on the
given certificate; the only elements updated are the certificate's
attributes. This operation requires the certificates/update permission.
:param str name: The name of the certificate in the given key vault.
:param str version: The version of the certificate.
:param bool enabled: Determines whether the object is enabled.
:param tags: Application specific metadata in the form of key-value pairs.
:type tags: dict(str, str)
:returns: The updated Certificate
:rtype: ~azure.keyvault.certificates.models.Certificate
:raises: :class:`~azure.core.exceptions.HttpResponseError`
Example:
.. literalinclude:: ../tests/test_examples_certificates_async.py
:start-after: [START update_certificate]
:end-before: [END update_certificate]
:language: python
:caption: Update a certificate's attributes
:dedent: 8
"""
if enabled is not None:
attributes = self._client.models.CertificateAttributes(
enabled=enabled
)
else:
attributes = None
bundle = await self._client.update_certificate(
vault_base_url=self.vault_url,
certificate_name=name,
certificate_version=version or "",
certificate_attributes=attributes,
tags=tags,
**kwargs
)
return Certificate._from_certificate_bundle(certificate_bundle=bundle)
