DataFlex
Azure Key Vault Import Certificate
Imports an existing valid certificate, containing a private key, into a specified Azure key vault. The certificate to be imported can be in either PFX or PEM format. If the certificate is in PEM format, the PEM file must contain the key as well as the X.509 certificates. Key Vault will only accept a key in PKCS#8 format.
Use ChilkatAx-win32.pkg
Procedure Test
Boolean iSuccess
Handle hoJson
String sPfxFilePath
Handle hoBdPfx
Handle hoCert
Variant vPrivKey
Handle hoPrivKey
Handle hoJwk
Handle hoSbKty
Handle hoSbCurve
Variant vJsonBody
Handle hoJsonBody
Handle hoHttp
String sUrl
Variant vResp
Handle hoResp
Integer iStatusCode
Variant vJsonResp
Handle hoJsonResp
String sStrVal
Integer iLifetime_percentage
String sAction_type
String sId
String sKid
String sSid
String sX5t
String sCer
Boolean iEnabled
Integer iNbf
Integer iExp
Integer iCreated
Integer iUpdated
String sRecoveryLevel
Integer iRecoverableDays
// (sId is already declared above; it is reused below for policy.id.)
Boolean iExportable
String sKty
Integer iKey_size
Boolean iReuse_key
String sContentType
String sSubject
Integer iValidity_months
Boolean iCa
String sName
Boolean iAttributesEnabled
Integer iAttributesCreated
Integer iAttributesUpdated
Integer i
Integer iCount_i
String sTemp1
Integer iTemp1
Boolean bTemp1
Move False To iSuccess
// This requires the Chilkat API to have been previously unlocked.
// See Global Unlock Sample for sample code.
// See Azure Key Vault Get Certificates for a more detailed explanation
// for how Chilkat is automatically getting the OAuth2 access token for your application.
// Provide information needed for Chilkat to automatically get an OAuth2 access token as needed.
Get Create (RefClass(cComChilkatJsonObject)) To hoJson
If (Not(IsComObjectCreated(hoJson))) Begin
Send CreateComObject of hoJson
End
Get ComUpdateString Of hoJson "client_id" "APP_ID" To iSuccess
Get ComUpdateString Of hoJson "client_secret" "APP_PASSWORD" To iSuccess
Get ComUpdateString Of hoJson "resource" "https://vault.azure.net" To iSuccess
Get ComUpdateString Of hoJson "token_endpoint" "https://login.microsoftonline.com/TENANT_ID/oauth2/token" To iSuccess
// Note: This example is using a relative file path. You can also specify a full file path, such as "C:/someDir/myCertAndKey.pfx"
// or a file path that makes sense on non-Windows operating systems.
Move "qa_data/pfx/myCertAndKey.pfx" To sPfxFilePath
// Load the PFX file to be imported to the Azure Key Vault.
Get Create (RefClass(cComChilkatBinData)) To hoBdPfx
If (Not(IsComObjectCreated(hoBdPfx))) Begin
Send CreateComObject of hoBdPfx
End
Get ComLoadFile Of hoBdPfx sPfxFilePath To iSuccess
If (iSuccess = False) Begin
Showln "Failed to load the PFX file."
Procedure_Return
End
// We'll be sending a POST request like this:
// POST https://myvault.vault.azure.net/certificates/importCert01/import?api-version=7.4
//
// {
// "value": "MIIJ...",
// "pwd": "123",
// "policy": {
// "key_props": {
// "exportable": true,
// "kty": "RSA",
// "key_size": 2048,
// "reuse_key": false
// },
// "secret_props": {
// "contentType": "application/x-pkcs12"
// }
// }
// }
// Also load the PFX into the Chilkat certificate object so we can get
// information about the key type and size.
Get Create (RefClass(cComChilkatCert)) To hoCert
If (Not(IsComObjectCreated(hoCert))) Begin
Send CreateComObject of hoCert
End
Get ComLoadPfxFile Of hoCert sPfxFilePath "pfx_password" To iSuccess
If (iSuccess = False) Begin
Get ComLastErrorText Of hoCert To sTemp1
Showln sTemp1
Procedure_Return
End
Get Create (RefClass(cComChilkatPrivateKey)) To hoPrivKey
If (Not(IsComObjectCreated(hoPrivKey))) Begin
Send CreateComObject of hoPrivKey
End
Get pvComObject of hoPrivKey to vPrivKey
Get ComGetPrivateKey Of hoCert vPrivKey To iSuccess
If (iSuccess = False) Begin
Get ComLastErrorText Of hoCert To sTemp1
Showln sTemp1
Procedure_Return
End
// Get the private key as a JWK so we can get information about it.
Get Create (RefClass(cComChilkatJsonObject)) To hoJwk
If (Not(IsComObjectCreated(hoJwk))) Begin
Send CreateComObject of hoJwk
End
Get ComGetJwk Of hoPrivKey To sTemp1
Get ComLoad Of hoJwk sTemp1 To iSuccess
// Get the key type
Get Create (RefClass(cComChilkatStringBuilder)) To hoSbKty
If (Not(IsComObjectCreated(hoSbKty))) Begin
Send CreateComObject of hoSbKty
End
Get ComStringOf Of hoJwk "kty" To sTemp1
Get ComAppend Of hoSbKty sTemp1 To iSuccess
// If this is an EC key, get the curve name
Get Create (RefClass(cComChilkatStringBuilder)) To hoSbCurve
If (Not(IsComObjectCreated(hoSbCurve))) Begin
Send CreateComObject of hoSbCurve
End
Get ComHasMember Of hoJwk "crv" To bTemp1
If (bTemp1 = True) Begin
Get ComStringOf Of hoJwk "crv" To sTemp1
Get ComAppend Of hoSbCurve sTemp1 To iSuccess
End
// Build the JSON that will be the body of the HTTP POST.
Get Create (RefClass(cComChilkatJsonObject)) To hoJsonBody
If (Not(IsComObjectCreated(hoJsonBody))) Begin
Send CreateComObject of hoJsonBody
End
Get ComGetEncoded Of hoBdPfx "base64" To sTemp1
Get ComUpdateString Of hoJsonBody "value" sTemp1 To iSuccess
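// "pwd" is the password protecting the PFX (the same one passed to LoadPfxFile above).
Get ComUpdateString Of hoJsonBody "pwd" "pfx_password" To iSuccess
// exportable = True means the private key can later be retrieved through the vault's secret endpoint.
// Set it to False if the key should not leave Key Vault after import.
Get ComUpdateBool Of hoJsonBody "policy.key_props.exportable" True To iSuccess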
Get ComGetAsString Of hoSbKty To sTemp1
Get ComUpdateString Of hoJsonBody "policy.key_props.kty" sTemp1 To iSuccess
Get ComContentsEqual Of hoSbKty "RSA" False To bTemp1
If (bTemp1 = True) Begin
Get ComBitLength Of hoPrivKey To iTemp1
Get ComUpdateInt Of hoJsonBody "policy.key_props.key_size" iTemp1 To iSuccess
End
Get ComContentsEqual Of hoSbKty "EC" False To bTemp1
If (bTemp1 = True) Begin
Get ComGetAsString Of hoSbCurve To sTemp1
Get ComUpdateString Of hoJsonBody "policy.key_props.crv" sTemp1 To iSuccess
End
Get ComUpdateBool Of hoJsonBody "policy.key_props.reuse_key" False To iSuccess
Get ComUpdateString Of hoJsonBody "policy.secret_props.contentType" "application/x-pkcs12" To iSuccess
Get Create (RefClass(cComChilkatHttp)) To hoHttp
If (Not(IsComObjectCreated(hoHttp))) Begin
Send CreateComObject of hoHttp
End
// Instead of providing an actual access token, we give Chilkat the information that allows it to
// automatically fetch the access token using the OAuth2 client credentials flow.
Get ComEmit Of hoJson To sTemp1
Set ComAuthToken Of hoHttp To sTemp1
// Choose anything to be the name of your imported certificate.
Get ComSetUrlVar Of hoHttp "certificateName" "importCert01" To iSuccess
// Note: Replace "VAULT_NAME" with the name of your Azure key vault.
Move "https://VAULT_NAME.vault.azure.net/certificates/{$certificateName}/import?api-version=7.4" To sUrl
Get Create (RefClass(cComChilkatHttpResponse)) To hoResp
If (Not(IsComObjectCreated(hoResp))) Begin
Send CreateComObject of hoResp
End
Get pvComObject of hoJsonBody to vJsonBody
Get pvComObject of hoResp to vResp
Get ComHttpJson Of hoHttp "POST" sUrl vJsonBody "application/json" vResp To iSuccess
If (iSuccess = False) Begin
Get ComLastErrorText Of hoHttp To sTemp1
Showln sTemp1
Procedure_Return
End
Get ComStatusCode Of hoResp To iStatusCode
Get Create (RefClass(cComChilkatJsonObject)) To hoJsonResp
If (Not(IsComObjectCreated(hoJsonResp))) Begin
Send CreateComObject of hoJsonResp
End
Get pvComObject of hoJsonResp to vJsonResp
Get ComGetBodyJson Of hoResp vJsonResp To iSuccess
Set ComEmitCompact Of hoJsonResp To False
Get ComEmit Of hoJsonResp To sTemp1
Showln sTemp1
If (iStatusCode <> 200) Begin
Showln "Failed."
Procedure_Return
End
// A successful JSON response looks like this:
// {
// "id": "https://kvchilkat.vault.azure.net/certificates/importCert01/7140c8755ed14839b5d86a9f7e7f0497",
// "kid": "https://kvchilkat.vault.azure.net/keys/importCert01/7140c8755ed14839b5d86a9f7e7f0497",
// "sid": "https://kvchilkat.vault.azure.net/secrets/importCert01/7140c8755ed14839b5d86a9f7e7f0497",
// "x5t": "I_e3776K5Q_6PN1HHvJoI2ZGQRQ",
// "cer": "MIIG ... jTsi7yIY=",
// "attributes": {
// "enabled": true,
// "nbf": 1633996800,
// "exp": 1728691199,
// "created": 1697411128,
// "updated": 1697411128,
// "recoveryLevel": "CustomizedRecoverable+Purgeable",
// "recoverableDays": 7
// },
// "policy": {
// "id": "https://kvchilkat.vault.azure.net/certificates/importCert01/policy",
// "key_props": {
// "exportable": true,
// "kty": "RSA",
// "key_size": 4096,
// "reuse_key": false
// },
// "secret_props": {
// "contentType": "application/x-pkcs12"
// },
// "x509_props": {
// "subject": "CN=\"Chilkat Software, Inc.\", O=\"Chilkat Software, Inc.\", S=Illinois, C=US",
// "ekus": [
// "1.3.6.1.5.5.7.3.3"
// ],
// "key_usage": [
// "digitalSignature"
// ],
// "validity_months": 37,
// "basic_constraints": {
// "ca": false
// }
// },
// "lifetime_actions": [
// {
// "trigger": {
// "lifetime_percentage": 80
// },
// "action": {
// "action_type": "EmailContacts"
// }
// }
// ],
// "issuer": {
// "name": "Unknown"
// },
// "attributes": {
// "enabled": true,
// "created": 1697411128,
// "updated": 1697411128
// }
// }
// }
Get ComStringOf Of hoJsonResp "id" To sId
Get ComStringOf Of hoJsonResp "kid" To sKid
Get ComStringOf Of hoJsonResp "sid" To sSid
Get ComStringOf Of hoJsonResp "x5t" To sX5t
Get ComStringOf Of hoJsonResp "cer" To sCer
Get ComBoolOf Of hoJsonResp "attributes.enabled" To iEnabled
Get ComIntOf Of hoJsonResp "attributes.nbf" To iNbf
Get ComIntOf Of hoJsonResp "attributes.exp" To iExp
Get ComIntOf Of hoJsonResp "attributes.created" To iCreated
Get ComIntOf Of hoJsonResp "attributes.updated" To iUpdated
Get ComStringOf Of hoJsonResp "attributes.recoveryLevel" To sRecoveryLevel
Get ComIntOf Of hoJsonResp "attributes.recoverableDays" To iRecoverableDays
Get ComStringOf Of hoJsonResp "policy.id" To sId
Get ComBoolOf Of hoJsonResp "policy.key_props.exportable" To iExportable
Get ComStringOf Of hoJsonResp "policy.key_props.kty" To sKty
Get ComIntOf Of hoJsonResp "policy.key_props.key_size" To iKey_size
Get ComBoolOf Of hoJsonResp "policy.key_props.reuse_key" To iReuse_key
Get ComStringOf Of hoJsonResp "policy.secret_props.contentType" To sContentType
Get ComStringOf Of hoJsonResp "policy.x509_props.subject" To sSubject
Get ComIntOf Of hoJsonResp "policy.x509_props.validity_months" To iValidity_months
Get ComBoolOf Of hoJsonResp "policy.x509_props.basic_constraints.ca" To iCa
Get ComStringOf Of hoJsonResp "policy.issuer.name" To sName
Get ComBoolOf Of hoJsonResp "policy.attributes.enabled" To iAttributesEnabled
Get ComIntOf Of hoJsonResp "policy.attributes.created" To iAttributesCreated
Get ComIntOf Of hoJsonResp "policy.attributes.updated" To iAttributesUpdated
Move 0 To i
Get ComSizeOfArray Of hoJsonResp "policy.x509_props.ekus" To iCount_i
While (i < iCount_i)
Set ComI Of hoJsonResp To i
Get ComStringOf Of hoJsonResp "policy.x509_props.ekus[i]" To sStrVal
Move (i + 1) To i
Loop
Move 0 To i
Get ComSizeOfArray Of hoJsonResp "policy.x509_props.key_usage" To iCount_i
While (i < iCount_i)
Set ComI Of hoJsonResp To i
Get ComStringOf Of hoJsonResp "policy.x509_props.key_usage[i]" To sStrVal
Move (i + 1) To i
Loop
Move 0 To i
Get ComSizeOfArray Of hoJsonResp "policy.lifetime_actions" To iCount_i
While (i < iCount_i)
Set ComI Of hoJsonResp To i
Get ComIntOf Of hoJsonResp "policy.lifetime_actions[i].trigger.lifetime_percentage" To iLifetime_percentage
Get ComStringOf Of hoJsonResp "policy.lifetime_actions[i].action.action_type" To sAction_type
Move (i + 1) To i
Loop
End_Procedure
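
The description above says a PEM import must carry the key together with the X.509 certificates, and that the key must be PKCS#8. The following pre-import check is an added example, not part of the original Chilkat sample; it is written in Python for brevity, and the function name and the sample bundles (constructed placeholders, not real keys or certificates) are assumptions made for illustration.

```python
import base64
import re

# RFC 7468 textual encoding: -----BEGIN <label>----- ... -----END <label>-----
PEM_BLOCK = re.compile(
    r"-----BEGIN ([A-Z0-9 ]+)-----\s*(.*?)\s*-----END \1-----", re.DOTALL
)
PKCS8_LABELS = {"PRIVATE KEY", "ENCRYPTED PRIVATE KEY"}
# Traditional key encodings (PKCS#1 RSA, SEC1 EC, DSA) are not PKCS#8.
LEGACY_KEY_LABELS = {"RSA PRIVATE KEY", "EC PRIVATE KEY", "DSA PRIVATE KEY"}


def check_pem_for_import(pem_text):
    """Return a list of problems; an empty list means the bundle has the
    shape the page describes (one PKCS#8 key plus X.509 certificates)."""
    problems, certs, keys = [], 0, []
    for label, body in PEM_BLOCK.findall(pem_text):
        if label == "CERTIFICATE":
            certs += 1
        elif label in PKCS8_LABELS or label in LEGACY_KEY_LABELS:
            keys.append(label)
        try:
            der = base64.b64decode("".join(body.split()), validate=True)
        except ValueError:
            problems.append(f"{label}: body is not valid base64")
            continue
        if not der.startswith(b"\x30"):  # every such object is a DER SEQUENCE
            problems.append(f"{label}: body is not a DER SEQUENCE")
    if certs == 0:
        problems.append("no CERTIFICATE block found")
    if not keys:
        problems.append("no private key block found")
    elif len(keys) > 1:
        problems.append(f"expected one private key, found {len(keys)}")
    for label in keys:
        if label in LEGACY_KEY_LABELS:
            problems.append(f"'{label}' is not PKCS#8; convert the key first")
    return problems


def _fake_block(label):
    # Constructed placeholder: DER-looking bytes, not a real key or certificate.
    body = base64.b64encode(b"\x30\x82\x01\x00" + bytes(32)).decode()
    return f"-----BEGIN {label}-----\n{body}\n-----END {label}-----\n"


GOOD = _fake_block("PRIVATE KEY") + _fake_block("CERTIFICATE")
LEGACY = _fake_block("RSA PRIVATE KEY") + _fake_block("CERTIFICATE")
KEY_ONLY = _fake_block("PRIVATE KEY")

if __name__ == "__main__":
    for name, pem in (("GOOD", GOOD), ("LEGACY", LEGACY), ("KEY_ONLY", KEY_ONLY)):
        print(name, check_pem_for_import(pem) or "ok")
```

The check inspects only the PEM labels and the outer encoding; it does not parse the key or verify that it matches the certificate.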