async def test_example_certificate_list_operations(self, vault_client,
                                                       **kwargs):
        from azure.keyvault.certificates.aio import CertificatePolicy, KeyProperties, SecretContentType
        certificate_client = vault_client.certificates

        # specify the certificate policy
        cert_policy = CertificatePolicy(key_properties=KeyProperties(
            exportable=True, key_type='RSA', key_size=2048, reuse_key=False),
                                        content_type=SecretContentType.PKCS12,
                                        issuer_name='Self',
                                        subject_name='CN=*.microsoft.com',
                                        validity_in_months=24,
                                        san_dns_names=['sdk.azure-int.net'])

        create_certificate_pollers = []
        for i in range(4):
            create_certificate_pollers.append(
                await certificate_client.create_certificate(
                    name="certificate{}".format(i), policy=cert_policy))

        for poller in create_certificate_pollers:
            await poller

        # [START list_certificates]

        # list certificates
        certificates = certificate_client.list_certificates()

        async for certificate in certificates:
            print(certificate.id)
            print(certificate.created)
            print(certificate.name)
            print(certificate.updated)
            print(certificate.enabled)

        # [END list_certificates]
        # [START list_certificate_versions]

        # get an iterator of all versions of a certificate
        certificate_versions = certificate_client.list_certificate_versions(
            name="cert-name")

        async for certificate in certificate_versions:
            print(certificate.id)
            print(certificate.properties.updated)
            print(certificate.properties.version)

        # [END list_certificate_versions]
        # [START list_deleted_certificates]

        # get an iterator of deleted certificates (requires soft-delete enabled for the vault)
        deleted_certificates = certificate_client.list_deleted_certificates()

        async for certificate in deleted_certificates:
            print(certificate.id)
            print(certificate.name)
            print(certificate.scheduled_purge_date)
            print(certificate.recovery_id)
            print(certificate.deleted_date)
Ejemplo n.º 2
0
async def run_sample():
    # Instantiate a certificate client that will be used to call the service.
    # Notice that the client is using default Azure credentials.
    # To make default credentials work, ensure that environment variables 'AZURE_CLIENT_ID',
    # 'AZURE_CLIENT_SECRET' and 'AZURE_TENANT_ID' are set with the service principal credentials.
    vault_url = os.environ["VAULT_URL"]
    credential = DefaultAzureCredential()
    client = CertificateClient(vault_url=vault_url, credential=credential)
    try:

        print("\n.. Create Certificate")
        cert_name = "BackupRestoreCertificate"

        # Let's create a certificate for your key vault.
        # if the certificate already exists in the Key Vault, then a new version of the certificate is created.
        # Awaiting the call returns a KeyVaultCertificate if creation is successful, and a CertificateOperation if not.
        certificate = await client.create_certificate(
            name=cert_name, policy=CertificatePolicy.get_default())

        print("Certificate with name '{0}' created.".format(certificate.name))

        # Backups are good to have, if in case certificates gets deleted accidentally.
        # For long term storage, it is ideal to write the backup to a file.
        print("\n.. Create a backup for an existing certificate")
        certificate_backup = await client.backup_certificate(name=cert_name)
        print("Backup created for certificate with name '{0}'.".format(
            cert_name))

        # The storage account certificate is no longer in use, so you can delete it.
        print("\n.. Delete the certificate")
        await client.delete_certificate(name=cert_name)
        print("Deleted Certificate with name '{0}'".format(cert_name))

        # In future, if the certificate is required again, we can use the backup value to restore it in the Key Vault.
        print(
            "\n.. Restore the certificate using the backed up certificate bytes"
        )
        certificate = await client.restore_certificate_backup(
            certificate_backup)
        print("Restored Certificate with name '{0}'".format(certificate.name))

    except HttpResponseError as e:
        print("\nrun_sample has caught an error. {0}".format(e.message))

    finally:
        print("\nrun_sample done")
    async def test_example_certificate_backup_restore(self, vault_client,
                                                      **kwargs):
        from azure.keyvault.certificates.aio import CertificatePolicy, KeyProperties, SecretContentType
        import asyncio
        certificate_client = vault_client.certificates

        # specify the certificate policy
        cert_policy = CertificatePolicy(key_properties=KeyProperties(
            exportable=True, key_type='RSA', key_size=2048, reuse_key=False),
                                        content_type=SecretContentType.PKCS12,
                                        issuer_name='Self',
                                        subject_name='CN=*.microsoft.com',
                                        validity_in_months=24,
                                        san_dns_names=['sdk.azure-int.net'])

        cert_name = "cert-name"
        create_certificate_poller = await certificate_client.create_certificate(
            name=cert_name, policy=cert_policy)

        await create_certificate_poller

        # [START backup_certificate]

        # backup certificate
        certificate_backup = await certificate_client.backup_certificate(
            name=cert_name)

        # returns the raw bytes of the backed up certificate
        print(certificate_backup)

        # [END backup_certificate]

        await certificate_client.delete_certificate(name=cert_name)

        # [START restore_certificate]

        # restores a certificate backup
        restored_certificate = await certificate_client.restore_certificate(
            certificate_backup)
        print(restored_certificate.id)
        print(restored_certificate.name)
        print(restored_certificate.properties.version)
    async def test_example_certificate_recover(self, vault_client, **kwargs):
        from azure.keyvault.certificates.aio import CertificatePolicy, KeyProperties, SecretContentType
        from azure.core.exceptions import HttpResponseError
        certificate_client = vault_client.certificates

        # specify the certificate policy
        cert_policy = CertificatePolicy(key_properties=KeyProperties(
            exportable=True, key_type='RSA', key_size=2048, reuse_key=False),
                                        content_type=SecretContentType.PKCS12,
                                        issuer_name='Self',
                                        subject_name='CN=*.microsoft.com',
                                        validity_in_months=24,
                                        san_dns_names=['sdk.azure-int.net'])

        cert_name = "cert-name"
        create_certificate_poller = await certificate_client.create_certificate(
            name=cert_name, policy=cert_policy)
        await create_certificate_poller

        await certificate_client.delete_certificate(name=cert_name)
        await self._poll_until_no_exception(
            certificate_client.get_deleted_certificate,
            cert_name,
            expected_exception=HttpResponseError)

        # [START get_deleted_certificate]

        # get a deleted certificate (requires soft-delete enabled for the vault)
        deleted_certificate = await certificate_client.get_deleted_certificate(
            name="cert-name")
        print(deleted_certificate.name)

        # [END get_deleted_certificate]
        # [START recover_deleted_certificate]

        # recover deleted certificate to its latest version (requires soft-delete enabled for the vault)
        recovered_certificate = await certificate_client.recover_deleted_certificate(
            name="cert-name")
        print(recovered_certificate.id)
        print(recovered_certificate.name)
    async def test_example_certificate_crud_operations(self, vault_client, **kwargs):
        certificate_client = vault_client.certificates
        # [START create_certificate]
        from azure.keyvault.certificates.aio import CertificatePolicy, KeyProperties, SecretContentType
        # specify the certificate policy
        cert_policy = CertificatePolicy(key_properties=KeyProperties(exportable=True,
                                                                     key_type='RSA',
                                                                     key_size=2048,
                                                                     reuse_key=False),
                                        content_type=SecretContentType.PKCS12,
                                        issuer_name='Self',
                                        subject_name='CN=*.microsoft.com',
                                        validity_in_months=24,
                                        san_dns_names=['sdk.azure-int.net']
                                        )
        cert_name = "cert-name"
        # create a certificate with optional arguments, returns an async poller
        create_certificate_poller = await certificate_client.create_certificate(name=cert_name, policy=cert_policy)

        # awaiting the certificate poller gives us the result of the long running operation
        certificate = await create_certificate_poller

        print(certificate.id)
        print(certificate.name)
        print(certificate.policy.issuer_name)

        # [END create_certificate]

        # [START get_certificate]

        # get the latest version of a certificate
        certificate = await certificate_client.get_certificate_with_policy(name=cert_name)

        print(certificate.id)
        print(certificate.name)
        print(certificate.policy.issuer_name)

        # [END get_certificate]
        # [START update_certificate]

        # update attributes of an existing certificate
        tags = {"foo": "updated tag"}
        updated_certificate = await certificate_client.update_certificate(certificate.name, tags=tags)

        print(updated_certificate.version)
        print(updated_certificate.updated)
        print(updated_certificate.tags)

        # [END update_certificate]
        # [START delete_certificate]

        # delete a certificate
        deleted_certificate = await certificate_client.delete_certificate(name=cert_name)

        print(deleted_certificate.name)

        # if the vault has soft-delete enabled, the certificate's
        # scheduled purge date, deleted_date, and recovery id are available
        print(deleted_certificate.deleted_date)
        print(deleted_certificate.scheduled_purge_date)
        print(deleted_certificate.recovery_id)