Sample code for 30+ languages & platforms
Tcl

Azure Key Vault Get Certificates

See more Azure Key Vault Examples

Demonstrates how to list the certificates in an Azure Key Vault.

Note: This example requires Chilkat v9.5.0.96 or later.

Chilkat Tcl Downloads

Tcl

load ./chilkat.dll

set success 0

# This requires the Chilkat API to have been previously unlocked.
# See Global Unlock Sample for sample code.

# We demonstrated how to get an access token for your Azure Key Vault
# in this example: Azure Key Vault Get OAuth2 Access Token using Client Credentials

# However.. starting in Chilkat v9.5.0.96, instead of directly providing Chilkat with the OAuth2 access token,
# you can instead provide the means for Chilkat to automatically get the OAuth2 access token,
# and in addition, Chilkat will automatically re-fetch a new OAuth2 access token as needed, such as shortly 
# prior to or after expiration.

# You do this by setting the AuthToken property to a JSON string that contains the required information.

set json [new_CkJsonObject]

CkJsonObject_UpdateString $json "client_id" "APP_ID"

# The APP_PASSWORD is the "password" returned by the Azure CLI command: az ad sp create-for-rbac --name http://example.com --role Contributor
# See Azure Key Vault Get OAuth2 Access Token using Client Credentials
CkJsonObject_UpdateString $json "client_secret" "APP_PASSWORD"

# The access token will be for Azure Key Vault operations.
CkJsonObject_UpdateString $json "resource" "https://vault.azure.net"

# Specify the token endpoint which includes your tenant ID.
CkJsonObject_UpdateString $json "token_endpoint" "https://login.microsoftonline.com/TENANT_ID/oauth2/token"

set http [new_CkHttp]

# Instead of providing an actual access token, we give Chilkat the information that allows it to 
# automatically fetch the access token using the OAuth2 client credentials flow.
CkHttp_put_AuthToken $http [CkJsonObject_emit $json]

# Replace key_vault_name with the name of your Azure Key Vault.
set sbResponse [new_CkStringBuilder]

set success [CkHttp_QuickGetSb $http "https://key_vault_name.vault.azure.net/certificates?api-version=7.4" $sbResponse]
if {$success == 0} then {

    set statusCode [CkHttp_get_LastStatus $http]
    if {$statusCode == 0} then {
        # We did not get a response from the server..
        puts [CkHttp_lastErrorText $http]
    }     else {
        # We received a response, but it was an error.
        puts "Error response status code: $statusCode"
        puts "Error response:"
        puts [CkStringBuilder_getAsString $sbResponse]
    }

    delete_CkJsonObject $json
    delete_CkHttp $http
    delete_CkStringBuilder $sbResponse
    exit
}

set jsonResp [new_CkJsonObject]

CkJsonObject_LoadSb $jsonResp $sbResponse
CkJsonObject_put_EmitCompact $jsonResp 0

puts [CkJsonObject_emit $jsonResp]

# The output looks like this:

# {
#   "value": [
#     {
#       "id": "https://kvchilkat.vault.azure.net/certificates/BadSSL",
#       "x5t": "U04xLnb8Ww7BKkW9dD7P1cCHNDY",
#       "attributes": {
#         "enabled": true,
#         "nbf": 1674409014,
#         "exp": 1737481014,
#         "created": 1697294224,
#         "updated": 1697294224
#       },
#       "subject": ""
#     },
#     {
#       "id": "https://kvchilkat.vault.azure.net/certificates/Brasil",
#       "x5t": "ayF5eBtlA35xPMivusE0wpmFjnA",
#       "attributes": {
#         "enabled": true,
#         "nbf": 1667830002,
#         "exp": 1699366002,
#         "created": 1697294090,
#         "updated": 1697294090
#       },
#       "subject": ""
#     }
#   ],
#   "nextLink": null
# }

# Use this online tool to generate parsing code from sample JSON: 
# Generate Parsing Code from JSON

set i 0
set count_i [CkJsonObject_SizeOfArray $jsonResp "value"]
while {$i < $count_i} {
    CkJsonObject_put_I $jsonResp $i
    set id [CkJsonObject_stringOf $jsonResp "value[i].id"]
    set x5t [CkJsonObject_stringOf $jsonResp "value[i].x5t"]
    set Enabled [CkJsonObject_BoolOf $jsonResp "value[i].attributes.enabled"]
    set Nbf [CkJsonObject_IntOf $jsonResp "value[i].attributes.nbf"]
    set Exp [CkJsonObject_IntOf $jsonResp "value[i].attributes.exp"]
    set Created [CkJsonObject_IntOf $jsonResp "value[i].attributes.created"]
    set Updated [CkJsonObject_IntOf $jsonResp "value[i].attributes.updated"]
    set subject [CkJsonObject_stringOf $jsonResp "value[i].subject"]
    set i [expr $i + 1]
}

delete_CkJsonObject $json
delete_CkHttp $http
delete_CkStringBuilder $sbResponse
delete_CkJsonObject $jsonResp