@azure/keyvault-certificates package

Classes

CertificateClient

The client to interact with the KeyVault certificates functionality

Interfaces

AdministratorContact

Details of the organization administrator of the certificate issuer.

BackupCertificateResult

The backup certificate result, containing the backup blob.

BeginCreateCertificateOptions

An interface representing the optional parameters that can be passed to <xref:beginCreateCertificate>

CertificateClientOptions

The optional parameters accepted by the KeyVault's KeyClient

CertificateContactAll

The shape of the contact information for the vault certificates.

CertificateIssuer

An interface representing the properties of an issuer.

CertificateOperation

A certificate operation is returned in case of asynchronous requests.

CertificateOperationError

The key vault server error.

CertificateOperationState

An interface representing the publicly available properties of the state of the CertificateOperationPoller.

CertificatePolicyProperties

An interface representing a certificate's policy (without the subject properties).

CertificatePollerOptions

An interface representing the optional parameters that can be passed to <xref:beginCreateCertificate>, <xref:beginDeleteCertificate> and <xref:beginRecoverDeletedCertificate>

CertificateProperties

An interface representing the properties of a certificate

CoreSubjectAlternativeNames

The subject alternate names of a X509 object.

CreateCertificateOptions

Options for <xref:createCertificate>.

CreateIssuerOptions

Options for <xref:createIssuer>.

DeletedCertificate

An interface representing a deleted certificate.

ErrorModel

The key vault server error model.

ImportCertificateOptions

Options for <xref:importCertificate>.

IssuerAttributes

The attributes of an issuer managed by the Key Vault service.

IssuerCredentials

The credentials to be used for the certificate issuer.

IssuerParameters

Parameters for the issuer of the X509 component of a certificate.

IssuerProperties

An interface representing the properties of a certificate issuer

KeyVaultCertificate

An interface representing a certificate without the certificate's policy

KeyVaultCertificateIdentifier

Represents the segments that compose a Key Vault Certificate Id.

KeyVaultCertificatePollOperationState

An interface representing the public shape of the state of a Key Vault Certificate Poller's operations.

KeyVaultCertificateWithPolicy

An interface representing a certificate with its policy

LifetimeAction

Action and its trigger that will be performed by Key Vault over the lifetime of a certificate.

ListDeletedCertificatesOptions

An interface representing optional parameters for CertificateClient paged operations passed to <xref:listDeletedCertificates>.

ListPropertiesOfCertificatesOptions

An interface representing optional parameters for CertificateClient paged operations passed to <xref:listPropertiesOfCertificates>.

PolicySubjectProperties

An interface representing the possible subject properties of a certificate's policy. The final type requires at least one of these properties to exist.

SubjectAlternativeNamesAll

An interface representing the alternative names of the subject of a certificate policy.

UpdateCertificateOptions

Options for <xref:updateCertificate>.

UpdateIssuerOptions

Options for <xref:updateIssuer>.

X509CertificateProperties

Properties of the X509 component of a certificate.

Type Aliases

ActionType

Defines values for ActionType.

ArrayOneOrMore

An array with one property at minimum.

BackupCertificateOptions

Options for <xref:backupCertificate>.

BeginDeleteCertificateOptions

An interface representing the optional parameters that can be passed to <xref:beginDeleteCertificate>

BeginRecoverDeletedCertificateOptions

An interface representing the optional parameters that can be passed to <xref:beginRecoverDeletedCertificate>

CancelCertificateOperationOptions

Options for <xref:cancelCertificateOperation>.

CertificateContact

The contact information for the vault certificates. Each contact will have at least just one of the properties of CertificateContactAll, which are: emailAddress, name or phone.

CertificateContentType

Defines values for contentType. Possible values include: 'application/x-pem-file', 'application/x-pkcs12'

CertificateKeyCurveName

Defines values for JsonWebKeyCurveName.
<xref:KnownJsonWebKeyCurveName> can be used interchangeably with JsonWebKeyCurveName, this enum contains the known values that the service supports.

Know values supported by the service

P-256
P-384
P-521
P-256K

CertificateKeyType

Defines values for JsonWebKeyType.
<xref:KnownJsonWebKeyType> can be used interchangeably with JsonWebKeyType, this enum contains the known values that the service supports.

Know values supported by the service

EC
EC-HSM
RSA
RSA-HSM
oct
oct-HSM

CertificatePolicy

An type representing a certificate's policy with at least one of the subject properties.

CertificatePolicyAction

The action that will be executed.

CertificateTags

An interface representing the shape of the Certificate Tags. The tags are just string key-value pairs.

CreateCertificateState

The public representation of the CreateCertificatePoller operation state.

DeleteCertificateOperationOptions

Options for <xref:deleteCertificateOperation>.

DeleteCertificateState

The public representation of the DeleteCertificatePoller operation state.

DeleteContactsOptions

Options for <xref:deleteContacts>.

DeleteIssuerOptions

Options for <xref:deleteIssuer>.

DeletionRecoveryLevel

Defines values for DeletionRecoveryLevel.
<xref:KnownDeletionRecoveryLevel> can be used interchangeably with DeletionRecoveryLevel, this enum contains the known values that the service supports.

Know values supported by the service

Purgeable: Denotes a vault state in which deletion is an irreversible operation, without the possibility for recovery. This level corresponds to no protection being available against a Delete operation; the data is irretrievably lost upon accepting a Delete operation at the entity level or higher (vault, resource group, subscription etc.)
Recoverable+Purgeable: Denotes a vault state in which deletion is recoverable, and which also permits immediate and permanent deletion (i.e. purge). This level guarantees the recoverability of the deleted entity during the retention interval (90 days), unless a Purge operation is requested, or the subscription is cancelled. System wil permanently delete it after 90 days, if not recovered
Recoverable: Denotes a vault state in which deletion is recoverable without the possibility for immediate and permanent deletion (i.e. purge). This level guarantees the recoverability of the deleted entity during the retention interval(90 days) and while the subscription is still available. System wil permanently delete it after 90 days, if not recovered
Recoverable+ProtectedSubscription: Denotes a vault and subscription state in which deletion is recoverable within retention interval (90 days), immediate and permanent deletion (i.e. purge) is not permitted, and in which the subscription itself cannot be permanently canceled. System wil permanently delete it after 90 days, if not recovered
CustomizedRecoverable+Purgeable: Denotes a vault state in which deletion is recoverable, and which also permits immediate and permanent deletion (i.e. purge when 7<= SoftDeleteRetentionInDays < 90). This level guarantees the recoverability of the deleted entity during the retention interval, unless a Purge operation is requested, or the subscription is cancelled.
CustomizedRecoverable: Denotes a vault state in which deletion is recoverable without the possibility for immediate and permanent deletion (i.e. purge when 7<= SoftDeleteRetentionInDays < 90).This level guarantees the recoverability of the deleted entity during the retention interval and while the subscription is still available.
CustomizedRecoverable+ProtectedSubscription: Denotes a vault and subscription state in which deletion is recoverable, immediate and permanent deletion (i.e. purge) is not permitted, and in which the subscription itself cannot be permanently canceled when 7<= SoftDeleteRetentionInDays < 90. This level guarantees the recoverability of the deleted entity during the retention interval, and also reflects the fact that the subscription itself cannot be cancelled.

GetCertificateOperationOptions

Options for <xref:getCertificateOperation>.

GetCertificateOptions

Options for <xref:getCertificate>.

GetCertificatePolicyOptions

Options for <xref:getCertificatePolicy>.

GetCertificateVersionOptions

Options for <xref:getCertificateVersion>.

GetContactsOptions

Options for <xref:getContacts>.

GetDeletedCertificateOptions

Options for <xref:getDeletedCertificate>.

GetIssuerOptions

Options for <xref:getIssuer>.

GetPlainCertificateOperationOptions

Options for <xref:getPlainCertificateOperation>.

ImportCertificatePolicy

A type representing a certificate's policy for import which does not require a SAN or a Subject

KVPollerLike

Deprecated KeyVault copy of core-lro's PollerLike.

KeyUsageType

Defines values for KeyUsageType.
<xref:KnownKeyUsageType> can be used interchangeably with KeyUsageType, this enum contains the known values that the service supports.

Know values supported by the service

digitalSignature
nonRepudiation
keyEncipherment
dataEncipherment
keyAgreement
keyCertSign
cRLSign
encipherOnly
decipherOnly

ListPropertiesOfCertificateVersionsOptions

An interface representing optional parameters for CertificateClient paged operations passed to <xref:listPropertiesOfCertificateVersions>.

ListPropertiesOfIssuersOptions

An interface representing optional parameters for CertificateClient paged operations passed to <xref:listPropertiesOfIssuers>.

MergeCertificateOptions

An interface representing optional parameters for <xref:mergeCertificate>.

PurgeDeletedCertificateOptions

Options for <xref:purgeDeletedCertificate>.

RecoverDeletedCertificateState

Deprecated: Public representation of the recovery of a deleted certificate poll operation

RequireAtLeastOne

RequireAtLeastOne helps create a type where at least one of the properties of an interface (can be any property) is required to exist. This works because of TypeScript's utility types: https://www.typescriptlang.org/docs/handbook/utility-types.html Let's examine it:

  • [K in keyof T]-? this property (K) is valid only if it has the same name as any property of T.
  • Required<Pick<T, K>> makes a new type from T with just the current property in the iteration, and marks it as required
  • Partial<Pick<T, Exclude<keyof T, K>>> makes a new type with all the properties of T, except from the property K.
  • & is what unites the type with only one required property from Required<...> with all the optional properties from Partial<...>.
  • [keyof T] ensures that only properties of T are allowed.
RestoreCertificateBackupOptions

An interface representing optional parameters for <xref:restoreCertificateBackup>.

SetContactsOptions

Options for <xref:setContacts>.

SubjectAlternativeNames

Alternatives to the subject property. If present, it should at least have one of the properties of SubjectAlternativeNamesAll.

UpdateCertificatePolicyOptions

Options for <xref:updateCertificatePolicy>.

Enums

KnownCertificateKeyCurveNames

Known values of <xref:JsonWebKeyCurveName> that the service accepts.

KnownCertificateKeyTypes

Known values of <xref:JsonWebKeyType> that the service accepts.

KnownDeletionRecoveryLevels

Known values of <xref:DeletionRecoveryLevel> that the service accepts.

KnownKeyUsageTypes

Known values of <xref:KeyUsageType> that the service accepts.

WellKnownIssuer

Well known issuers for choosing a default

Functions

parseKeyVaultCertificateIdentifier(string)

Parses the given Key Vault Certificate Id. An example is: https://.vault.azure.net/certificates//

On parsing the above Id, this function returns:

  {
     sourceId: "https://<keyvault-name>.vault.azure.net/certificates/<certificate-name>/<unique-version-id>",
     vaultUrl: "https://<keyvault-name>.vault.azure.net",
     version: "<unique-version-id>",
     name: "<certificate-name>"
  }

Function Details

parseKeyVaultCertificateIdentifier(string)

Parses the given Key Vault Certificate Id. An example is: https://.vault.azure.net/certificates//

On parsing the above Id, this function returns:

  {
     sourceId: "https://<keyvault-name>.vault.azure.net/certificates/<certificate-name>/<unique-version-id>",
     vaultUrl: "https://<keyvault-name>.vault.azure.net",
     version: "<unique-version-id>",
     name: "<certificate-name>"
  }
function parseKeyVaultCertificateIdentifier(id: string)

Parameters

id

string

The Id of the Key Vault Certificate.

Returns