def backup_restore_certificate(self):
    """Back up a Key Vault certificate and restore it into a second vault.

    The sample runs one round trip: it creates a vault, issues a
    certificate with the default policy, lists the vault's certificates,
    takes a backup, creates a second vault, restores the backup there and
    lists the second vault's certificates. Progress is printed to stdout;
    nothing is returned.

    Nothing created here (vaults, certificates, the backup) is deleted by
    this method, so cleanup is left to the caller.
    """
    # Source vault; create_vault() is provided by the enclosing sample class.
    source_vault = self.create_vault()

    # A single credential object is reused for both vault clients.
    # NOTE(review): DefaultAzureCredential probes several credential sources
    # in turn; outside a sample, pinning one explicit credential type makes it
    # clearer which identity is touching the vault - confirm for your setup.
    credential = DefaultAzureCredential()
    source_client = CertificateClient(
        vault_url=source_vault.properties.vault_uri,
        credential=credential,
    )

    # Issue a certificate; begin_create_certificate returns a poller, and
    # result() blocks until the operation has finished.
    certificate_name = get_name('certificate')
    create_poller = source_client.begin_create_certificate(
        certificate_name, CertificatePolicy.get_default()
    )
    created = create_poller.result()
    print('created certificate {}'.format(created.name))

    # Show what the source vault holds (names only).
    source_listing = source_client.list_properties_of_certificates()
    print("all of the certificates in the client's vault:")
    for entry in source_listing:
        print(entry.name)

    # Take the backup. The returned value is held only in memory here.
    # NOTE(review): Azure documents the backup as a protected blob that is
    # restorable only into a vault in the same subscription and geography;
    # if it is ever written to disk, handle it as sensitive key material -
    # confirm against current Key Vault documentation.
    backup_blob = source_client.backup_certificate(certificate_name)
    print('backed up certificate {}'.format(certificate_name))

    # Destination vault and a client bound to it, using the same credential.
    target_vault = self.create_vault()
    target_client = CertificateClient(
        vault_url=target_vault.properties.vault_uri,
        credential=credential,
    )

    # Restore into the destination vault; the caller's identity needs backup
    # permission on the source and restore permission on the destination
    # (presumably granted by create_vault() - verify its access policy).
    restored = target_client.restore_certificate_backup(backup_blob)
    print('restored certificate {}'.format(restored.name))

    # Confirm the restore by listing the destination vault.
    target_listing = target_client.list_properties_of_certificates()
    print("all of the certificates in the new vault:")
    for entry in target_listing:
        print(entry.name)
# A long running poller is returned for the create certificate operation. create_certificate_poller = client.begin_create_certificate( name=cert_name, policy=CertificatePolicy.get_default()) # The result call awaits the completion of the create certificate operation and returns the final result. # It will return a certificate if creation is successful, and will return the CertificateOperation if not. certificate = create_certificate_poller.result() print("Certificate with name '{0}' created.".format(cert_name)) # Backups are good to have, if in case certificates gets deleted accidentally. # For long term storage, it is ideal to write the backup to a file. print("\n.. Create a backup for an existing certificate") certificate_backup = client.backup_certificate(name=cert_name) print("Backup created for certificate with name '{0}'.".format(cert_name)) # The storage account certificate is no longer in use, so you can delete it. print("\n.. Delete the certificate") client.delete_certificate(name=cert_name) print("Deleted certificate '{0}'".format(cert_name)) # In future, if the certificate is required again, we can use the backup value to restore it in the Key Vault. print("\n.. Restore the certificate from the backup") certificate = client.restore_certificate_backup(certificate_backup) print("Restored Certificate with name '{0}'".format(certificate.name)) except HttpResponseError as e: print("\nrun_sample has caught an error. {0}".format(e.message)) finally: print("\nrun_sample done")