PowerBuilder
PowerBuilder
Azure Key Vault Find Certificate
See more Azure Key Vault Examples
Let's say you have the certificate locally, but not with the private key. You only have the certificate, such as in a .cer file, but not the .pfx. The purpose of this example is to show how to find the same certificate in Azure Key Vault, and return the Azure Key Vault's name for the certificate.Note: This example requires Chilkat v9.5.0.96 or later.
Chilkat PowerBuilder Downloads
integer li_rc
integer li_Success
oleobject loo_Cert
oleobject loo_BdThumbprint
string ls_Seek_x5t
oleobject loo_Json
oleobject loo_Http
oleobject loo_SbResponse
integer li_StatusCode
oleobject loo_JsonResp
oleobject loo_JsonRec
oleobject loo_SbId
string ls_CertName
li_Success = 0
// This requires the Chilkat API to have been previously unlocked.
// See Global Unlock Sample for sample code.
// We have a .cer file locally, and we want to find this same certificate in Azure Key Vault
// because we'll need Azure Key Vault's name (and version) for the certificate if we are going to ask
// Key Vault to sign using the cert's private key.
loo_Cert = create oleobject
li_rc = loo_Cert.ConnectToNewObject("Chilkat.Cert")
if li_rc < 0 then
destroy loo_Cert
MessageBox("Error","Connecting to COM object failed")
return
end if
li_Success = loo_Cert.LoadFromFile("qa_data/certs/myCert.cer")
if li_Success = 0 then
Write-Debug loo_Cert.LastErrorText
destroy loo_Cert
return
end if
// Let's the the SHA1 thumbprint for our cert in base64url format. This is the "x5t" member that we'll
// be seeking in the list of certificates returned from Azure Key Vault.
loo_BdThumbprint = create oleobject
li_rc = loo_BdThumbprint.ConnectToNewObject("Chilkat.BinData")
loo_BdThumbprint.AppendEncoded(loo_Cert.Sha1Thumbprint,"hex")
ls_Seek_x5t = loo_BdThumbprint.GetEncoded("base64url")
Write-Debug "Seeking the cert with x5t = " + ls_Seek_x5t
// Provide information needed for Chilkat to automatically get an OAuth2 access token as needed.
loo_Json = create oleobject
li_rc = loo_Json.ConnectToNewObject("Chilkat.JsonObject")
loo_Json.UpdateString("client_id","APP_ID")
loo_Json.UpdateString("client_secret","APP_PASSWORD")
loo_Json.UpdateString("resource","https://vault.azure.net")
loo_Json.UpdateString("token_endpoint","https://login.microsoftonline.com/TENANT_ID/oauth2/token")
loo_Http = create oleobject
li_rc = loo_Http.ConnectToNewObject("Chilkat.Http")
// Instead of providing an actual access token, we give Chilkat the information that allows it to
// automatically fetch the access token using the OAuth2 client credentials flow.
loo_Http.AuthToken = loo_Json.Emit()
// Download JSON containing information about the certs in the Azure Key Vault.
// Replace VAULT_NAME with the name of your Azure Key Vault.
loo_SbResponse = create oleobject
li_rc = loo_SbResponse.ConnectToNewObject("Chilkat.StringBuilder")
li_Success = loo_Http.QuickGetSb("https://VAULT_NAME.vault.azure.net/certificates?api-version=7.4",loo_SbResponse)
if li_Success = 0 then
li_StatusCode = loo_Http.LastStatus
if li_StatusCode = 0 then
// We did not get a response from the server..
Write-Debug loo_Http.LastErrorText
else
// We received a response, but it was an error.
Write-Debug "Error response status code: " + string(li_StatusCode)
Write-Debug "Error response:"
Write-Debug loo_SbResponse.GetAsString()
end if
destroy loo_Cert
destroy loo_BdThumbprint
destroy loo_Json
destroy loo_Http
destroy loo_SbResponse
return
end if
loo_JsonResp = create oleobject
li_rc = loo_JsonResp.ConnectToNewObject("Chilkat.JsonObject")
loo_JsonResp.LoadSb(loo_SbResponse)
loo_JsonResp.EmitCompact = 0
// The JSON will contain an array of certs like this:
// {
// "value": [
// {
// "id": "https://kvchilkat.vault.azure.net/certificates/BadSSL",
// "x5t": "U04xLnb8Ww7BKkW9dD7P1cCHNDY",
// "attributes": {
// "enabled": true,
// "nbf": 1674409014,
// "exp": 1737481014,
// "created": 1697294224,
// "updated": 1697294224
// },
// "subject": ""
// },
// ...
// ...
// Find the record having an "x5t" value equal to the one we're seeking.
loo_JsonRec = loo_JsonResp.FindRecord("value","x5t",ls_Seek_x5t,1)
if loo_JsonResp.LastMethodSuccess = 0 then
Write-Debug "Did not find a matching certificate."
else
Write-Debug "Found the matching certificate."
// The id is a value such as https://kvchilkat.vault.azure.net/certificates/BadSSL
Write-Debug "id: " + loo_JsonRec.StringOf("id")
// The name of the certificate is the last word after the final "/", such as "BadSSL"
loo_SbId = create oleobject
li_rc = loo_SbId.ConnectToNewObject("Chilkat.StringBuilder")
loo_SbId.Append(loo_JsonRec.StringOf("id"))
ls_CertName = loo_SbId.GetAfterFinal("/",0)
Write-Debug "name: " + ls_CertName
destroy loo_JsonRec
end if
destroy loo_JsonResp
destroy loo_Cert
destroy loo_BdThumbprint
destroy loo_Json
destroy loo_Http
destroy loo_SbResponse
destroy loo_JsonResp
destroy loo_SbId