Chilkat HOME .NET Core C# Android™ AutoIt C C# C++ Chilkat2-Python CkPython Classic ASP DataFlex Delphi ActiveX Delphi DLL Go Java Lianja Mono C# Node.js Objective-C PHP ActiveX PHP Extension Perl PowerBuilder PowerShell PureBasic Ruby SQL Server Swift 2 Swift 3,4,5... Tcl Unicode C Unicode C++ VB.NET VBScript Visual Basic 6.0 Visual FoxPro Xojo Plugin
(PureBasic) Azure Key Vault Find CertificateSee more Azure Key Vault ExamplesLet's say you have the certificate locally, but not with the private key. You only have the certificate, such as in a .cer file, but not the .pfx. The purpose of this example is to show how to find the same certificate in Azure Key Vault, and return the Azure Key Vault's name for the certificate. Note: This example requires Chilkat v9.5.0.96 or later.
IncludeFile "CkBinData.pb" IncludeFile "CkCert.pb" IncludeFile "CkStringBuilder.pb" IncludeFile "CkJsonObject.pb" IncludeFile "CkHttp.pb" Procedure ChilkatExample() ; This requires the Chilkat API to have been previously unlocked. ; See Global Unlock Sample for sample code. ; We have a .cer file locally, and we want to find this same certificate in Azure Key Vault ; because we'll need Azure Key Vault's name (and version) for the certificate if we are going to ask ; Key Vault to sign using the cert's private key. cert.i = CkCert::ckCreate() If cert.i = 0 Debug "Failed to create object." ProcedureReturn EndIf success.i = CkCert::ckLoadFromFile(cert,"qa_data/certs/myCert.cer") If success = 0 Debug CkCert::ckLastErrorText(cert) CkCert::ckDispose(cert) ProcedureReturn EndIf ; Let's the the SHA1 thumbprint for our cert in base64url format. This is the "x5t" member that we'll ; be seeking in the list of certificates returned from Azure Key Vault. bdThumbprint.i = CkBinData::ckCreate() If bdThumbprint.i = 0 Debug "Failed to create object." ProcedureReturn EndIf CkBinData::ckAppendEncoded(bdThumbprint,CkCert::ckSha1Thumbprint(cert),"hex") seek_x5t.s = CkBinData::ckGetEncoded(bdThumbprint,"base64url") Debug "Seeking the cert with x5t = " + seek_x5t ; Provide information needed for Chilkat to automatically get an OAuth2 access token as needed. json.i = CkJsonObject::ckCreate() If json.i = 0 Debug "Failed to create object." ProcedureReturn EndIf CkJsonObject::ckUpdateString(json,"client_id","APP_ID") CkJsonObject::ckUpdateString(json,"client_secret","APP_PASSWORD") CkJsonObject::ckUpdateString(json,"resource","https://vault.azure.net") CkJsonObject::ckUpdateString(json,"token_endpoint","https://login.microsoftonline.com/TENANT_ID/oauth2/token") http.i = CkHttp::ckCreate() If http.i = 0 Debug "Failed to create object." ProcedureReturn EndIf ; Instead of providing an actual access token, we give Chilkat the information that allows it to ; automatically fetch the access token using the OAuth2 client credentials flow. CkHttp::setCkAuthToken(http, CkJsonObject::ckEmit(json)) ; Download JSON containing information about the certs in the Azure Key Vault. ; Replace VAULT_NAME with the name of your Azure Key Vault. sbResponse.i = CkStringBuilder::ckCreate() If sbResponse.i = 0 Debug "Failed to create object." ProcedureReturn EndIf success = CkHttp::ckQuickGetSb(http,"https://VAULT_NAME.vault.azure.net/certificates?api-version=7.4",sbResponse) If success = 0 statusCode.i = CkHttp::ckLastStatus(http) If statusCode = 0 ; We did not get a response from the server.. Debug CkHttp::ckLastErrorText(http) Else ; We received a response, but it was an error. Debug "Error response status code: " + Str(statusCode) Debug "Error response:" Debug CkStringBuilder::ckGetAsString(sbResponse) EndIf CkCert::ckDispose(cert) CkBinData::ckDispose(bdThumbprint) CkJsonObject::ckDispose(json) CkHttp::ckDispose(http) CkStringBuilder::ckDispose(sbResponse) ProcedureReturn EndIf jsonResp.i = CkJsonObject::ckCreate() If jsonResp.i = 0 Debug "Failed to create object." ProcedureReturn EndIf CkJsonObject::ckLoadSb(jsonResp,sbResponse) CkJsonObject::setCkEmitCompact(jsonResp, 0) ; The JSON will contain an array of certs like this: ; { ; "value": [ ; { ; "id": "https://kvchilkat.vault.azure.net/certificates/BadSSL", ; "x5t": "U04xLnb8Ww7BKkW9dD7P1cCHNDY", ; "attributes": { ; "enabled": true, ; "nbf": 1674409014, ; "exp": 1737481014, ; "created": 1697294224, ; "updated": 1697294224 ; }, ; "subject": "" ; }, ; ... ; ... ; Find the record having an "x5t" value equal to the one we're seeking. jsonRec.i = CkJsonObject::ckFindRecord(jsonResp,"value","x5t",seek_x5t,1) If CkJsonObject::ckLastMethodSuccess(jsonResp) = 0 Debug "Did not find a matching certificate." Else Debug "Found the matching certificate." ; The id is a value such as https://kvchilkat.vault.azure.net/certificates/BadSSL Debug "id: " + CkJsonObject::ckStringOf(jsonRec,"id") ; The name of the certificate is the last word after the final "/", such as "BadSSL" sbId.i = CkStringBuilder::ckCreate() If sbId.i = 0 Debug "Failed to create object." ProcedureReturn EndIf CkStringBuilder::ckAppend(sbId,CkJsonObject::ckStringOf(jsonRec,"id")) certName.s = CkStringBuilder::ckGetAfterFinal(sbId,"/",0) Debug "name: " + certName CkJsonObject::ckDispose(jsonRec) EndIf CkJsonObject::ckDispose(jsonResp) CkCert::ckDispose(cert) CkBinData::ckDispose(bdThumbprint) CkJsonObject::ckDispose(json) CkHttp::ckDispose(http) CkStringBuilder::ckDispose(sbResponse) CkJsonObject::ckDispose(jsonResp) CkStringBuilder::ckDispose(sbId) ProcedureReturn EndProcedure |
© 2000-2024 Chilkat Software, Inc. All Rights Reserved.