Lightrun
question-mark
Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

[FEATURE REQ] Retrieve certificate with private key using Azure.Security.KeyVault.Certificates.CertificateClient / KeyVaultCertificate

See original GitHub issue

Library or service name. Azure.Security.KeyVault.Certificates

Is your feature request related to a problem? Please describe. KeyVaultCertificate only exposes the public key, and for the private key the Azure.Security.KeyVault.Secrets must be used, where a x509certificate2 must be manually constructed from the byte array.

It would be more convenient to have the option to use the CertificateClient to get a x509certificate2 directly. It would also be more consistent with the import API, which does mandate the private key to reside in the cert. So if I upload the private key, it makes sense for me to be able to download it - if I drew an analogy to secrets, it would be having to use one library to create a secret and another library to retrieve it…

Issue Analytics

  • State:closed
  • Created 3 years ago
  • Reactions:6
  • Comments:11 (6 by maintainers)

github_iconTop GitHub Comments

1reaction
heathscommented, Oct 13, 2020

Our preview out now includes APIs for parsing the URI.

1reaction
pschaefleincommented, Oct 13, 2020

The ParseSecretName method in your sample should be part of the library, IMO.

In the UI, or the CLI, everything I touch is a certificate. But in code, I need to get a secret?

And, the Secrets SDK requires a string, but the certificate SDK gives me a URI (?!?)

I’m sure there is a good reason that the certificate points to a specific secret version/instance using a URI. How about an overload in the Secrets API that accepts a URI? Making the consumer find this thread/sample to put the pieces together is sub-optimal.

Read more comments on GitHub >

github_iconTop Results From Across the Web

Azure Key Vault Certificate client library for .NET
The Azure Key Vault certificates client library enables programmatically managing certificates, offering methods to create, update, list, and ...
Read more >
Get a Certificate Including the Private Key - Code Samples
Azure Key Vault certificates are a great way to manage certificates. They allow you to set policies, automatically renew near-expiring ...
Read more >
How to Configure Azure.Security.KeyVault.Certificates ...
To load the certificate INCLUDING the private key, you need to retrieve it as a secret, not a certificate. If you get it...
Read more >
Azure Key Vault Certificate client library for Java
The Azure Key Vault Certificate client library supports certificates backed by RSA and EC keys. Multiple certificates and multiple versions of ...
Read more >
Azure::Security::KeyVault::Certificates::CertificateClient ...
Imports an existing valid certificate, containing a private key, into Azure Key Vault. The certificate to be imported can be in either PFX...
Read more >

github_iconTop Related Medium Post

No results found

github_iconTop Related StackOverflow Question

No results found

github_iconTroubleshoot Live Code

Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start Free

github_iconTop Related Reddit Thread

No results found

github_iconTop Related Hackernoon Post

No results found

github_iconTop Related Tweet

No results found

github_iconTop Related Dev.to Post

No results found

github_iconTop Related Hashnode Post

No results found
Previous page

Uri.AbsoluteUri should be used instead of Uri.ToString()

Next page

[FEATURE REQ] Make ClientCertificateCredential disposable and dispose of the underlying X509Certificate2