Unicode C
Unicode C
Easy Method to Import Certificate to Azure Key Vault
See more Azure Key Vault Examples
Demonstrates an easier method to import certificate with private key to an Azure key vault.Note: This example requires Chilkat v9.5.0.96 or later.
Chilkat Unicode C Downloads
#include <C_CkCertW.h>
#include <C_CkJsonObjectW.h>
void ChilkatSample(void)
{
BOOL success;
HCkCertW cert;
HCkJsonObjectW json;
HCkJsonObjectW jsonOut;
success = FALSE;
cert = CkCertW_Create();
// The certificate must originate from a source where the private key material is available to be included
// in the upload to Azure Key Vault.
success = CkCertW_LoadPfxFile(cert,L"qa_data/pfx/myCert.pfx",L"pfx_password");
if (success == FALSE) {
wprintf(L"%s\n",CkCertW_lastErrorText(cert));
CkCertW_Dispose(cert);
return;
}
json = CkJsonObjectW_Create();
// Indicate this request is to upload to Azure Key Vault.
CkJsonObjectW_UpdateString(json,L"service",L"azure-keyvault");
// Provide your OAuth2 client credentials for your Azure App (service principal) that has
// the required Role-Based Access Control (RBAC) permissions.
CkJsonObjectW_UpdateString(json,L"auth.client_id",L"APP_ID");
CkJsonObjectW_UpdateString(json,L"auth.client_secret",L"APP_PASSWORD");
CkJsonObjectW_UpdateString(json,L"auth.tenant_id",L"TENANT_ID");
// Indicate the key vault name
CkJsonObjectW_UpdateString(json,L"vault_name",L"VAULT_NAME");
// When you import a certificate into an Azure Key Vault, the certificate name and vault name are included as
// parts of the URL to specify the target location where the certificate should be stored.
// The URL follows a specific format to identify the target Key Vault and the certificate within it.
// Here's how the certificate name and vault name are incorporated into the URL:
// https://VAULT_NAME.vault.azure.net//certificates/CERT_NAME/import?api-version=7.4
// Specify an arbitrary certificate name, but one that can be used in a URL as shown above. (i.e. alphanumeric with no SPACE chars)
CkJsonObjectW_UpdateString(json,L"cert_name",L"CERT_NAME");
// Add optional tags if desired. Tags can be anything you want.
CkJsonObjectW_UpdateString(json,L"tags.serial",CkCertW_serialNumber(cert));
CkJsonObjectW_UpdateString(json,L"tags.issuer",CkCertW_issuerCN(cert));
CkJsonObjectW_UpdateString(json,L"tags.subject",CkCertW_subjectCN(cert));
// OK.. everything is specified. Simply call UploadToCloud.
jsonOut = CkJsonObjectW_Create();
CkJsonObjectW_putEmitCompact(jsonOut,FALSE);
success = CkCertW_UploadToCloud(cert,json,jsonOut);
if (success == FALSE) {
wprintf(L"%s\n",CkCertW_lastErrorText(cert));
wprintf(L"%s\n",CkJsonObjectW_emit(jsonOut));
CkCertW_Dispose(cert);
CkJsonObjectW_Dispose(json);
CkJsonObjectW_Dispose(jsonOut);
return;
}
// Success! Go to the Azure portal and refresh to see the certificate has been uploaded.
// The jsonOut provides the JSON response from the Azure server.
wprintf(L"%s\n",CkJsonObjectW_emit(jsonOut));
wprintf(L"Success\n");
// Here is sample jsonOut
// {
// "id": "https://kvchilkat.vault.azure.net/certificates/ChilkatTestCert123/b6e997db70144435a49d924be9f260ef",
// "kid": "https://kvchilkat.vault.azure.net/keys/ChilkatTestCert123/b6e997db70144435a49d924be9f260ef",
// "sid": "https://kvchilkat.vault.azure.net/secrets/ChilkatTestCert123/b6e997db70144435a49d924be9f260ef",
// "x5t": "I_e3776K5Q_6PN1HHvJoI2ZGQRQ",
// "cer": "MIIGXjCCBMagAw ... z50cjTsi7yIY=",
// "attributes": {
// "enabled": true,
// "nbf": 1633996800,
// "exp": 1728691199,
// "created": 1697754785,
// "updated": 1697754785,
// "recoveryLevel": "CustomizedRecoverable+Purgeable",
// "recoverableDays": 7
// },
// "tags": {
// "serial": "3FF5B69109BFD4046C92CC0D18EE23C2",
// "issuer": "Sectigo Public Code Signing CA R36",
// "subject": "Chilkat Software, Inc."
// },
// "policy": {
// "id": "https://kvchilkat.vault.azure.net/certificates/ChilkatTestCert123/policy",
// "key_props": {
// "exportable": true,
// "kty": "RSA",
// "key_size": 4096,
// "reuse_key": false
// },
// "secret_props": {
// "contentType": "application/x-pkcs12"
// },
// "x509_props": {
// "subject": "CN=\"Chilkat Software, Inc.\", O=\"Chilkat Software, Inc.\", S=Illinois, C=US",
// "ekus": [
// "1.3.6.1.5.5.7.3.3"
// ],
// "key_usage": [
// "digitalSignature"
// ],
// "validity_months": 37,
// "basic_constraints": {
// "ca": false
// }
// },
// "lifetime_actions": [
// {
// "trigger": {
// "lifetime_percentage": 80
// },
// "action": {
// "action_type": "EmailContacts"
// }
// }
// ],
// "issuer": {
// "name": "Unknown"
// },
// "attributes": {
// "enabled": true,
// "created": 1697754785,
// "updated": 1697754785
// }
// }
// }
CkCertW_Dispose(cert);
CkJsonObjectW_Dispose(json);
CkJsonObjectW_Dispose(jsonOut);
}