PureBasic
PureBasic
Azure Key Vault Get the Latest Version of a Certificate
See more Azure Key Vault Examples
Demonstrates how to get the latest version of a certificate in Azure Key Vault.Note: This example requires Chilkat v9.5.0.96 or later.
Chilkat PureBasic Downloads
IncludeFile "CkCert.pb"
IncludeFile "CkHttp.pb"
IncludeFile "CkStringBuilder.pb"
IncludeFile "CkJsonObject.pb"
Procedure ChilkatExample()
success.i = 0
; This requires the Chilkat API to have been previously unlocked.
; See Global Unlock Sample for sample code.
; See Azure Key Vault Get Certificates for a more detailed explanation
; for how Chilkat is automatically getting the OAuth2 access token for your application.
; Provide information needed for Chilkat to automatically get an OAuth2 access token as needed.
json.i = CkJsonObject::ckCreate()
If json.i = 0
Debug "Failed to create object."
ProcedureReturn
EndIf
CkJsonObject::ckUpdateString(json,"client_id","APP_ID")
CkJsonObject::ckUpdateString(json,"client_secret","APP_PASSWORD")
CkJsonObject::ckUpdateString(json,"resource","https://vault.azure.net")
CkJsonObject::ckUpdateString(json,"token_endpoint","https://login.microsoftonline.com/TENANT_ID/oauth2/token")
http.i = CkHttp::ckCreate()
If http.i = 0
Debug "Failed to create object."
ProcedureReturn
EndIf
; Instead of providing an actual access token, we give Chilkat the information that allows it to
; automatically fetch the access token using the OAuth2 client credentials flow.
CkHttp::setCkAuthToken(http, CkJsonObject::ckEmit(json))
; Replace VAULT_NAME with the name of your Azure Key Vault.
CkHttp::ckSetUrlVar(http,"certName","importCert01")
sbResponse.i = CkStringBuilder::ckCreate()
If sbResponse.i = 0
Debug "Failed to create object."
ProcedureReturn
EndIf
success = CkHttp::ckQuickGetSb(http,"https://VAULT_NAME.vault.azure.net/certificates/{$certName}?api-version=7.4",sbResponse)
If success = 0
statusCode.i = CkHttp::ckLastStatus(http)
If statusCode = 0
; We did not get a response from the server..
Debug CkHttp::ckLastErrorText(http)
Else
; We received a response, but it was an error.
Debug "Error response status code: " + Str(statusCode)
Debug "Error response:"
Debug CkStringBuilder::ckGetAsString(sbResponse)
EndIf
CkJsonObject::ckDispose(json)
CkHttp::ckDispose(http)
CkStringBuilder::ckDispose(sbResponse)
ProcedureReturn
EndIf
jsonResp.i = CkJsonObject::ckCreate()
If jsonResp.i = 0
Debug "Failed to create object."
ProcedureReturn
EndIf
CkJsonObject::ckLoadSb(jsonResp,sbResponse)
CkJsonObject::setCkEmitCompact(jsonResp, 0)
Debug CkJsonObject::ckEmit(jsonResp)
; A sample JSON response is show at the bottom.
; Let's do two things with the result.
; 1) Load the DER of the cert into a Chilkat Cert object.
; 2) Get the Key Vault version id of the certificate.
cert.i = CkCert::ckCreate()
If cert.i = 0
Debug "Failed to create object."
ProcedureReturn
EndIf
success = CkCert::ckLoadFromBase64(cert,CkJsonObject::ckStringOf(jsonResp,"cer"))
If success = 0
Debug CkCert::ckLastErrorText(cert)
Debug "Failed to load certificate from Base64 DER."
CkJsonObject::ckDispose(json)
CkHttp::ckDispose(http)
CkStringBuilder::ckDispose(sbResponse)
CkJsonObject::ckDispose(jsonResp)
CkCert::ckDispose(cert)
ProcedureReturn
EndIf
; The Azure Key Vault's "version" of the certificate is the hex string at the end of the "id", "kid", and "sid" JSON members.
; For example: "7140c8755ed14839b5d86a9f7e7f0497"
sbId.i = CkStringBuilder::ckCreate()
If sbId.i = 0
Debug "Failed to create object."
ProcedureReturn
EndIf
CkStringBuilder::ckAppend(sbId,CkJsonObject::ckStringOf(jsonResp,"id"))
certVersion.s = CkStringBuilder::ckGetAfterFinal(sbId,"/",0)
Debug "The key vault cert version is " + certVersion
; {
; "id": "https://kvchilkat.vault.azure.net/certificates/importCert01/7140c8755ed14839b5d86a9f7e7f0497",
; "kid": "https://kvchilkat.vault.azure.net/keys/importCert01/7140c8755ed14839b5d86a9f7e7f0497",
; "sid": "https://kvchilkat.vault.azure.net/secrets/importCert01/7140c8755ed14839b5d86a9f7e7f0497",
; "x5t": "I_e3776K5Q_6PN1HHvJoI2ZGQRQ",
; "cer": "MIIGXjCCB .... cjTsi7yIY=",
; "attributes": {
; "enabled": true,
; "nbf": 1633996800,
; "exp": 1728691199,
; "created": 1697411128,
; "updated": 1697411128,
; "recoveryLevel": "CustomizedRecoverable+Purgeable",
; "recoverableDays": 7
; },
; "policy": {
; "id": "https://kvchilkat.vault.azure.net/certificates/importCert01/policy",
; "key_props": {
; "exportable": true,
; "kty": "RSA",
; "key_size": 4096,
; "reuse_key": false
; },
; "secret_props": {
; "contentType": "application/x-pkcs12"
; },
; "x509_props": {
; "subject": "CN=\"Chilkat Software, Inc.\", O=\"Chilkat Software, Inc.\", S=Illinois, C=US",
; "ekus": [
; "1.3.6.1.5.5.7.3.3"
; ],
; "key_usage": [
; "digitalSignature"
; ],
; "validity_months": 37,
; "basic_constraints": {
; "ca": false
; }
; },
; "lifetime_actions": [
; {
; "trigger": {
; "lifetime_percentage": 80
; },
; "action": {
; "action_type": "EmailContacts"
; }
; }
; ],
; "issuer": {
; "name": "Unknown"
; },
; "attributes": {
; "enabled": true,
; "created": 1697411128,
; "updated": 1697411128
; }
; }
; }
CkJsonObject::ckDispose(json)
CkHttp::ckDispose(http)
CkStringBuilder::ckDispose(sbResponse)
CkJsonObject::ckDispose(jsonResp)
CkCert::ckDispose(cert)
CkStringBuilder::ckDispose(sbId)
ProcedureReturn
EndProcedure