(Visual FoxPro) Azure Key Vault Get the Latest Version of a Certificate

See more Azure Key Vault Examples

Demonstrates how to get the latest version of a certificate in Azure Key Vault.

Note: This example requires Chilkat v9.5.0.96 or later.

For more information, see https://learn.microsoft.com/en-us/rest/api/keyvault/certificates/get-certificate/get-certificate?tabs=HTTP

Chilkat ActiveX Downloads ActiveX for 32-bit and 64-bit Windows

LOCAL lnSuccess
LOCAL loJson
LOCAL loHttp
LOCAL loSbResponse
LOCAL lnStatusCode
LOCAL loJsonResp
LOCAL loCert
LOCAL loSbId
LOCAL lcCertVersion

* This requires the Chilkat API to have been previously unlocked.
* See Global Unlock Sample for sample code.

* See Azure Key Vault Get Certificates for a more detailed explanation
* for how Chilkat is automatically getting the OAuth2 access token for your application.

* Provide information needed for Chilkat to automatically get an OAuth2 access token as needed.
* For versions of Chilkat < 10.0.0, use CreateObject('Chilkat_9_5_0.JsonObject')
loJson = CreateObject('Chilkat.JsonObject')
loJson.UpdateString("client_id","APP_ID")
loJson.UpdateString("client_secret","APP_PASSWORD")
loJson.UpdateString("resource","https://vault.azure.net")
loJson.UpdateString("token_endpoint","https://login.microsoftonline.com/TENANT_ID/oauth2/token")

* For versions of Chilkat < 10.0.0, use CreateObject('Chilkat_9_5_0.Http')
loHttp = CreateObject('Chilkat.Http')

* Instead of providing an actual access token, we give Chilkat the information that allows it to 
* automatically fetch the access token using the OAuth2 client credentials flow.
loHttp.AuthToken = loJson.Emit()

* Replace VAULT_NAME with the name of your Azure Key Vault.
loHttp.SetUrlVar("certName","importCert01")

* For versions of Chilkat < 10.0.0, use CreateObject('Chilkat_9_5_0.StringBuilder')
loSbResponse = CreateObject('Chilkat.StringBuilder')
lnSuccess = loHttp.QuickGetSb("https://VAULT_NAME.vault.azure.net/certificates/{$certName}?api-version=7.4",loSbResponse)
IF (lnSuccess = 0) THEN

    lnStatusCode = loHttp.LastStatus
    IF (lnStatusCode = 0) THEN
        * We did not get a response from the server..
        ? loHttp.LastErrorText
    ELSE
        * We received a response, but it was an error.
        ? "Error response status code: " + STR(lnStatusCode)
        ? "Error response:"
        ? loSbResponse.GetAsString()
    ENDIF

    RELEASE loJson
    RELEASE loHttp
    RELEASE loSbResponse
    CANCEL
ENDIF

* For versions of Chilkat < 10.0.0, use CreateObject('Chilkat_9_5_0.JsonObject')
loJsonResp = CreateObject('Chilkat.JsonObject')
loJsonResp.LoadSb(loSbResponse)
loJsonResp.EmitCompact = 0

? loJsonResp.Emit()

* A sample JSON response is show at the bottom.

* Let's do two things with the result.
* 1) Load the DER of the cert into a Chilkat Cert object.
* 2) Get the Key Vault version id of the certificate.

* For versions of Chilkat < 10.0.0, use CreateObject('Chilkat_9_5_0.Cert')
loCert = CreateObject('Chilkat.Cert')
lnSuccess = loCert.LoadFromBase64(loJsonResp.StringOf("cer"))
IF (lnSuccess = 0) THEN
    ? loCert.LastErrorText
    ? "Failed to load certificate from Base64 DER."
    RELEASE loJson
    RELEASE loHttp
    RELEASE loSbResponse
    RELEASE loJsonResp
    RELEASE loCert
    CANCEL
ENDIF

* The Azure Key Vault's "version" of the certificate is the hex string at the end of the "id", "kid", and "sid" JSON members.
* For example:  "7140c8755ed14839b5d86a9f7e7f0497"
* For versions of Chilkat < 10.0.0, use CreateObject('Chilkat_9_5_0.StringBuilder')
loSbId = CreateObject('Chilkat.StringBuilder')
loSbId.Append(loJsonResp.StringOf("id"))
lcCertVersion = loSbId.GetAfterFinal("/",0)
? "The key vault cert version is " + lcCertVersion

* {
*   "id": "https://kvchilkat.vault.azure.net/certificates/importCert01/7140c8755ed14839b5d86a9f7e7f0497",
*   "kid": "https://kvchilkat.vault.azure.net/keys/importCert01/7140c8755ed14839b5d86a9f7e7f0497",
*   "sid": "https://kvchilkat.vault.azure.net/secrets/importCert01/7140c8755ed14839b5d86a9f7e7f0497",
*   "x5t": "I_e3776K5Q_6PN1HHvJoI2ZGQRQ",
*   "cer": "MIIGXjCCB .... cjTsi7yIY=",
*   "attributes": {
*     "enabled": true,
*     "nbf": 1633996800,
*     "exp": 1728691199,
*     "created": 1697411128,
*     "updated": 1697411128,
*     "recoveryLevel": "CustomizedRecoverable+Purgeable",
*     "recoverableDays": 7
*   },
*   "policy": {
*     "id": "https://kvchilkat.vault.azure.net/certificates/importCert01/policy",
*     "key_props": {
*       "exportable": true,
*       "kty": "RSA",
*       "key_size": 4096,
*       "reuse_key": false
*     },
*     "secret_props": {
*       "contentType": "application/x-pkcs12"
*     },
*     "x509_props": {
*       "subject": "CN=\"Chilkat Software, Inc.\", O=\"Chilkat Software, Inc.\", S=Illinois, C=US",
*       "ekus": [
*         "1.3.6.1.5.5.7.3.3"
*       ],
*       "key_usage": [
*         "digitalSignature"
*       ],
*       "validity_months": 37,
*       "basic_constraints": {
*         "ca": false
*       }
*     },
*     "lifetime_actions": [
*       {
*         "trigger": {
*           "lifetime_percentage": 80
*         },
*         "action": {
*           "action_type": "EmailContacts"
*         }
*       }
*     ],
*     "issuer": {
*       "name": "Unknown"
*     },
*     "attributes": {
*       "enabled": true,
*       "created": 1697411128,
*       "updated": 1697411128
*     }
*   }
* }

RELEASE loJson
RELEASE loHttp
RELEASE loSbResponse
RELEASE loJsonResp
RELEASE loCert
RELEASE loSbId