|
Chilkat • HOME • Android™ • AutoIt • C • C# • C++ • Chilkat2-Python • CkPython • Classic ASP • DataFlex • Delphi DLL • Go • Java • Node.js • Objective-C • PHP Extension • Perl • PowerBuilder • PowerShell • PureBasic • Ruby • SQL Server • Swift • Tcl • Unicode C • Unicode C++ • VB.NET • VBScript • Visual Basic 6.0 • Visual FoxPro • Xojo Plugin
(Delphi DLL) Easy Method to Import Certificate to Azure Key VaultDemonstrates an easier method to import certificate with private key to an Azure key vault. Note: This example requires Chilkat v9.5.0.96 or later.
uses Winapi.Windows, Winapi.Messages, System.SysUtils, System.Variants, System.Classes, Vcl.Graphics, Vcl.Controls, Vcl.Forms, Vcl.Dialogs, Vcl.StdCtrls, Cert, JsonObject; ... procedure TForm1.Button1Click(Sender: TObject); var cert: HCkCert; success: Boolean; json: HCkJsonObject; jsonOut: HCkJsonObject; begin cert := CkCert_Create(); // The certificate must originate from a source where the private key material is available to be included // in the upload to Azure Key Vault. success := CkCert_LoadPfxFile(cert,'qa_data/pfx/myCert.pfx','pfx_password'); if (success = False) then begin Memo1.Lines.Add(CkCert__lastErrorText(cert)); Exit; end; json := CkJsonObject_Create(); // Indicate this request is to upload to Azure Key Vault. CkJsonObject_UpdateString(json,'service','azure-keyvault'); // Provide your OAuth2 client credentials for your Azure App (service principal) that has // the required Role-Based Access Control (RBAC) permissions. CkJsonObject_UpdateString(json,'auth.client_id','APP_ID'); CkJsonObject_UpdateString(json,'auth.client_secret','APP_PASSWORD'); CkJsonObject_UpdateString(json,'auth.tenant_id','TENANT_ID'); // Indicate the key vault name CkJsonObject_UpdateString(json,'vault_name','VAULT_NAME'); // When you import a certificate into an Azure Key Vault, the certificate name and vault name are included as // parts of the URL to specify the target location where the certificate should be stored. // The URL follows a specific format to identify the target Key Vault and the certificate within it. // Here's how the certificate name and vault name are incorporated into the URL: // https://VAULT_NAME.vault.azure.net//certificates/CERT_NAME/import?api-version=7.4 // Specify an arbitrary certificate name, but one that can be used in a URL as shown above. (i.e. alphanumeric with no SPACE chars) CkJsonObject_UpdateString(json,'cert_name','CERT_NAME'); // Add optional tags if desired. Tags can be anything you want. CkJsonObject_UpdateString(json,'tags.serial',CkCert__serialNumber(cert)); CkJsonObject_UpdateString(json,'tags.issuer',CkCert__issuerCN(cert)); CkJsonObject_UpdateString(json,'tags.subject',CkCert__subjectCN(cert)); // OK.. everything is specified. Simply call UploadToCloud. jsonOut := CkJsonObject_Create(); CkJsonObject_putEmitCompact(jsonOut,False); success := CkCert_UploadToCloud(cert,json,jsonOut); if (success = False) then begin Memo1.Lines.Add(CkCert__lastErrorText(cert)); Memo1.Lines.Add(CkJsonObject__emit(jsonOut)); Exit; end; // Success! Go to the Azure portal and refresh to see the certificate has been uploaded. // The jsonOut provides the JSON response from the Azure server. Memo1.Lines.Add(CkJsonObject__emit(jsonOut)); Memo1.Lines.Add('Success'); // Here is sample jsonOut // { // "id": "https://kvchilkat.vault.azure.net/certificates/ChilkatTestCert123/b6e997db70144435a49d924be9f260ef", // "kid": "https://kvchilkat.vault.azure.net/keys/ChilkatTestCert123/b6e997db70144435a49d924be9f260ef", // "sid": "https://kvchilkat.vault.azure.net/secrets/ChilkatTestCert123/b6e997db70144435a49d924be9f260ef", // "x5t": "I_e3776K5Q_6PN1HHvJoI2ZGQRQ", // "cer": "MIIGXjCCBMagAw ... z50cjTsi7yIY=", // "attributes": { // "enabled": true, // "nbf": 1633996800, // "exp": 1728691199, // "created": 1697754785, // "updated": 1697754785, // "recoveryLevel": "CustomizedRecoverable+Purgeable", // "recoverableDays": 7 // }, // "tags": { // "serial": "3FF5B69109BFD4046C92CC0D18EE23C2", // "issuer": "Sectigo Public Code Signing CA R36", // "subject": "Chilkat Software, Inc." // }, // "policy": { // "id": "https://kvchilkat.vault.azure.net/certificates/ChilkatTestCert123/policy", // "key_props": { // "exportable": true, // "kty": "RSA", // "key_size": 4096, // "reuse_key": false // }, // "secret_props": { // "contentType": "application/x-pkcs12" // }, // "x509_props": { // "subject": "CN=\"Chilkat Software, Inc.\", O=\"Chilkat Software, Inc.\", S=Illinois, C=US", // "ekus": [ // "1.3.6.1.5.5.7.3.3" // ], // "key_usage": [ // "digitalSignature" // ], // "validity_months": 37, // "basic_constraints": { // "ca": false // } // }, // "lifetime_actions": [ // { // "trigger": { // "lifetime_percentage": 80 // }, // "action": { // "action_type": "EmailContacts" // } // } // ], // "issuer": { // "name": "Unknown" // }, // "attributes": { // "enabled": true, // "created": 1697754785, // "updated": 1697754785 // } // } // } CkCert_Dispose(cert); CkJsonObject_Dispose(json); CkJsonObject_Dispose(jsonOut); end; |
||||
© 2000-2025 Chilkat Software, Inc. All Rights Reserved.