CkPython
CkPython
Azure Key Vault Get the Latest Version of a Certificate
See more Azure Key Vault Examples
Demonstrates how to get the latest version of a certificate in Azure Key Vault.Note: This example requires Chilkat v9.5.0.96 or later.
Chilkat CkPython Downloads
import sys
import chilkat
success = False
# This requires the Chilkat API to have been previously unlocked.
# See Global Unlock Sample for sample code.
# See Azure Key Vault Get Certificates for a more detailed explanation
# for how Chilkat is automatically getting the OAuth2 access token for your application.
# Provide information needed for Chilkat to automatically get an OAuth2 access token as needed.
json = chilkat.CkJsonObject()
json.UpdateString("client_id","APP_ID")
json.UpdateString("client_secret","APP_PASSWORD")
json.UpdateString("resource","https://vault.azure.net")
json.UpdateString("token_endpoint","https://login.microsoftonline.com/TENANT_ID/oauth2/token")
http = chilkat.CkHttp()
# Instead of providing an actual access token, we give Chilkat the information that allows it to
# automatically fetch the access token using the OAuth2 client credentials flow.
http.put_AuthToken(json.emit())
# Replace VAULT_NAME with the name of your Azure Key Vault.
http.SetUrlVar("certName","importCert01")
sbResponse = chilkat.CkStringBuilder()
success = http.QuickGetSb("https://VAULT_NAME.vault.azure.net/certificates/{$certName}?api-version=7.4",sbResponse)
if (success == False):
statusCode = http.get_LastStatus()
if (statusCode == 0):
# We did not get a response from the server..
print(http.lastErrorText())
else:
# We received a response, but it was an error.
print("Error response status code: " + str(statusCode))
print("Error response:")
print(sbResponse.getAsString())
sys.exit()
jsonResp = chilkat.CkJsonObject()
jsonResp.LoadSb(sbResponse)
jsonResp.put_EmitCompact(False)
print(jsonResp.emit())
# A sample JSON response is show at the bottom.
# Let's do two things with the result.
# 1) Load the DER of the cert into a Chilkat Cert object.
# 2) Get the Key Vault version id of the certificate.
cert = chilkat.CkCert()
success = cert.LoadFromBase64(jsonResp.stringOf("cer"))
if (success == False):
print(cert.lastErrorText())
print("Failed to load certificate from Base64 DER.")
sys.exit()
# The Azure Key Vault's "version" of the certificate is the hex string at the end of the "id", "kid", and "sid" JSON members.
# For example: "7140c8755ed14839b5d86a9f7e7f0497"
sbId = chilkat.CkStringBuilder()
sbId.Append(jsonResp.stringOf("id"))
certVersion = sbId.getAfterFinal("/",False)
print("The key vault cert version is " + certVersion)
# {
# "id": "https://kvchilkat.vault.azure.net/certificates/importCert01/7140c8755ed14839b5d86a9f7e7f0497",
# "kid": "https://kvchilkat.vault.azure.net/keys/importCert01/7140c8755ed14839b5d86a9f7e7f0497",
# "sid": "https://kvchilkat.vault.azure.net/secrets/importCert01/7140c8755ed14839b5d86a9f7e7f0497",
# "x5t": "I_e3776K5Q_6PN1HHvJoI2ZGQRQ",
# "cer": "MIIGXjCCB .... cjTsi7yIY=",
# "attributes": {
# "enabled": true,
# "nbf": 1633996800,
# "exp": 1728691199,
# "created": 1697411128,
# "updated": 1697411128,
# "recoveryLevel": "CustomizedRecoverable+Purgeable",
# "recoverableDays": 7
# },
# "policy": {
# "id": "https://kvchilkat.vault.azure.net/certificates/importCert01/policy",
# "key_props": {
# "exportable": true,
# "kty": "RSA",
# "key_size": 4096,
# "reuse_key": false
# },
# "secret_props": {
# "contentType": "application/x-pkcs12"
# },
# "x509_props": {
# "subject": "CN=\"Chilkat Software, Inc.\", O=\"Chilkat Software, Inc.\", S=Illinois, C=US",
# "ekus": [
# "1.3.6.1.5.5.7.3.3"
# ],
# "key_usage": [
# "digitalSignature"
# ],
# "validity_months": 37,
# "basic_constraints": {
# "ca": false
# }
# },
# "lifetime_actions": [
# {
# "trigger": {
# "lifetime_percentage": 80
# },
# "action": {
# "action_type": "EmailContacts"
# }
# }
# ],
# "issuer": {
# "name": "Unknown"
# },
# "attributes": {
# "enabled": true,
# "created": 1697411128,
# "updated": 1697411128
# }
# }
# }