Crée ou met à jour le certificat utilisé pour l’authentification avec le serveur principal.
PUT https://management.azure.com/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ApiManagement/service/{serviceName}/certificates/{certificateId}?api-version=2022-08-01
Paramètres URI
| Nom |
Dans |
Obligatoire |
Type |
Description |
|
certificateId
|
path |
True
|
string
|
Identificateur de l’entité de certificat. Doit être unique dans le instance de service Gestion des API actuel.
Regex pattern: ^[^*#&+:<>?]+$
|
|
resourceGroupName
|
path |
True
|
string
|
Nom du groupe de ressources. Le nom ne respecte pas la casse.
|
|
serviceName
|
path |
True
|
string
|
Nom du service Gestion des API.
Regex pattern: ^[a-zA-Z](?:[a-zA-Z0-9-]*[a-zA-Z0-9])?$
|
|
subscriptionId
|
path |
True
|
string
|
ID de l’abonnement cible.
|
|
api-version
|
query |
True
|
string
|
Version de l’API à utiliser pour cette opération.
|
| Nom |
Obligatoire |
Type |
Description |
|
If-Match
|
|
string
|
ETag de l’entité. Non obligatoire lors de la création d’une entité, mais obligatoire lors de la mise à jour d’une entité.
|
Corps de la demande
| Nom |
Type |
Description |
|
properties.data
|
string
|
Certificat codé en base 64 à l’aide de la représentation application/x-pkcs12.
|
|
properties.keyVault
|
KeyVaultContractCreateProperties
|
Détails de l’emplacement du coffre de clés du certificat.
|
|
properties.password
|
string
|
Mot de passe du certificat
|
Réponses
| Nom |
Type |
Description |
|
200 OK
|
CertificateContract
|
Les détails du certificat ont été correctement mis à jour.
Headers
ETag: string
|
|
201 Created
|
CertificateContract
|
Le nouveau certificat a été correctement ajouté.
Headers
ETag: string
|
|
Other Status Codes
|
ErrorResponse
|
Réponse d’erreur décrivant la raison de l’échec de l’opération.
|
Sécurité
azure_auth
Flux OAuth2 Azure Active Directory.
Type:
oauth2
Flow:
implicit
Authorization URL:
https://login.microsoftonline.com/common/oauth2/authorize
Scopes
| Nom |
Description |
|
user_impersonation
|
Emprunter l’identité de votre compte d’utilisateur
|
Exemples
ApiManagementCreateCertificate
Sample Request
PUT https://management.azure.com/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.ApiManagement/service/apimService1/certificates/tempcert?api-version=2022-08-01
{
"properties": {
"data": "****************Base 64 Encoded Certificate *******************************",
"password": "****Certificate Password******"
}
}
/** Samples for Certificate CreateOrUpdate. */
public final class Main {
/*
* x-ms-original-file: specification/apimanagement/resource-manager/Microsoft.ApiManagement/stable/2022-08-01/examples/ApiManagementCreateCertificate.json
*/
/**
* Sample code: ApiManagementCreateCertificate.
*
* @param manager Entry point to ApiManagementManager.
*/
public static void apiManagementCreateCertificate(
com.azure.resourcemanager.apimanagement.ApiManagementManager manager) {
manager
.certificates()
.define("tempcert")
.withExistingService("rg1", "apimService1")
.withData("****************Base 64 Encoded Certificate *******************************")
.withPassword("****Certificate Password******")
.create();
}
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
from typing import Any, IO, Union
from azure.identity import DefaultAzureCredential
from azure.mgmt.apimanagement import ApiManagementClient
"""
# PREREQUISITES
pip install azure-identity
pip install azure-mgmt-apimanagement
# USAGE
python api_management_create_certificate.py
Before run the sample, please set the values of the client ID, tenant ID and client secret
of the AAD application as environment variables: AZURE_CLIENT_ID, AZURE_TENANT_ID,
AZURE_CLIENT_SECRET. For more info about how to get the value, please see:
https://docs.microsoft.com/azure/active-directory/develop/howto-create-service-principal-portal
"""
def main():
client = ApiManagementClient(
credential=DefaultAzureCredential(),
subscription_id="subid",
)
response = client.certificate.create_or_update(
resource_group_name="rg1",
service_name="apimService1",
certificate_id="tempcert",
parameters={
"properties": {
"data": "****************Base 64 Encoded Certificate *******************************",
"password": "****Certificate Password******",
}
},
)
print(response)
# x-ms-original-file: specification/apimanagement/resource-manager/Microsoft.ApiManagement/stable/2022-08-01/examples/ApiManagementCreateCertificate.json
if __name__ == "__main__":
main()
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
package armapimanagement_test
import (
"context"
"log"
"github.com/Azure/azure-sdk-for-go/sdk/azcore/to"
"github.com/Azure/azure-sdk-for-go/sdk/azidentity"
"github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/apimanagement/armapimanagement/v2"
)
// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/4cd95123fb961c68740565a1efcaa5e43bd35802/specification/apimanagement/resource-manager/Microsoft.ApiManagement/stable/2022-08-01/examples/ApiManagementCreateCertificate.json
func ExampleCertificateClient_CreateOrUpdate_apiManagementCreateCertificate() {
cred, err := azidentity.NewDefaultAzureCredential(nil)
if err != nil {
log.Fatalf("failed to obtain a credential: %v", err)
}
ctx := context.Background()
clientFactory, err := armapimanagement.NewClientFactory("<subscription-id>", cred, nil)
if err != nil {
log.Fatalf("failed to create client: %v", err)
}
res, err := clientFactory.NewCertificateClient().CreateOrUpdate(ctx, "rg1", "apimService1", "tempcert", armapimanagement.CertificateCreateOrUpdateParameters{
Properties: &armapimanagement.CertificateCreateOrUpdateProperties{
Data: to.Ptr("****************Base 64 Encoded Certificate *******************************"),
Password: to.Ptr("****Certificate Password******"),
},
}, &armapimanagement.CertificateClientCreateOrUpdateOptions{IfMatch: nil})
if err != nil {
log.Fatalf("failed to finish the request: %v", err)
}
// You could use response here. We use blank identifier for just demo purposes.
_ = res
// If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes.
// res.CertificateContract = armapimanagement.CertificateContract{
// Name: to.Ptr("tempcert"),
// Type: to.Ptr("Microsoft.ApiManagement/service/certificates"),
// ID: to.Ptr("/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.ApiManagement/service/apimService1/certificates/tempcert"),
// Properties: &armapimanagement.CertificateContractProperties{
// ExpirationDate: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2018-03-17T21:55:07.000Z"); return t}()),
// Subject: to.Ptr("CN=contoso.com"),
// Thumbprint: to.Ptr("*******************3"),
// },
// }
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
const { ApiManagementClient } = require("@azure/arm-apimanagement");
const { DefaultAzureCredential } = require("@azure/identity");
/**
* This sample demonstrates how to Creates or updates the certificate being used for authentication with the backend.
*
* @summary Creates or updates the certificate being used for authentication with the backend.
* x-ms-original-file: specification/apimanagement/resource-manager/Microsoft.ApiManagement/stable/2022-08-01/examples/ApiManagementCreateCertificate.json
*/
async function apiManagementCreateCertificate() {
const subscriptionId = process.env["APIMANAGEMENT_SUBSCRIPTION_ID"] || "subid";
const resourceGroupName = process.env["APIMANAGEMENT_RESOURCE_GROUP"] || "rg1";
const serviceName = "apimService1";
const certificateId = "tempcert";
const parameters = {
data: "****************Base 64 Encoded Certificate *******************************",
password: "****Certificate Password******",
};
const credential = new DefaultAzureCredential();
const client = new ApiManagementClient(credential, subscriptionId);
const result = await client.certificate.createOrUpdate(
resourceGroupName,
serviceName,
certificateId,
parameters
);
console.log(result);
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
Sample Response
{
"id": "/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.ApiManagement/service/apimService1/certificates/tempcert",
"type": "Microsoft.ApiManagement/service/certificates",
"name": "tempcert",
"properties": {
"subject": "CN=contoso.com",
"thumbprint": "*******************3",
"expirationDate": "2018-03-17T21:55:07+00:00"
}
}
{
"id": "/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.ApiManagement/service/apimService1/certificates/tempcert",
"type": "Microsoft.ApiManagement/service/certificates",
"name": "tempcert",
"properties": {
"subject": "CN=contoso.com",
"thumbprint": "*******************3",
"expirationDate": "2018-03-17T21:55:07+00:00"
}
}
ApiManagementCreateCertificateWithKeyVault
Sample Request
PUT https://management.azure.com/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.ApiManagement/service/apimService1/certificates/templateCertkv?api-version=2022-08-01
{
"properties": {
"keyVault": {
"identityClientId": "ceaa6b06-c00f-43ef-99ac-f53d1fe876a0",
"secretIdentifier": "https://rpbvtkeyvaultintegration.vault-int.azure-int.net/secrets/msitestingCert"
}
}
}
import com.azure.resourcemanager.apimanagement.models.KeyVaultContractCreateProperties;
/** Samples for Certificate CreateOrUpdate. */
public final class Main {
/*
* x-ms-original-file: specification/apimanagement/resource-manager/Microsoft.ApiManagement/stable/2022-08-01/examples/ApiManagementCreateCertificateWithKeyVault.json
*/
/**
* Sample code: ApiManagementCreateCertificateWithKeyVault.
*
* @param manager Entry point to ApiManagementManager.
*/
public static void apiManagementCreateCertificateWithKeyVault(
com.azure.resourcemanager.apimanagement.ApiManagementManager manager) {
manager
.certificates()
.define("templateCertkv")
.withExistingService("rg1", "apimService1")
.withKeyVault(
new KeyVaultContractCreateProperties()
.withSecretIdentifier("fakeTokenPlaceholder")
.withIdentityClientId("ceaa6b06-c00f-43ef-99ac-f53d1fe876a0"))
.create();
}
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
from typing import Any, IO, Union
from azure.identity import DefaultAzureCredential
from azure.mgmt.apimanagement import ApiManagementClient
"""
# PREREQUISITES
pip install azure-identity
pip install azure-mgmt-apimanagement
# USAGE
python api_management_create_certificate_with_key_vault.py
Before run the sample, please set the values of the client ID, tenant ID and client secret
of the AAD application as environment variables: AZURE_CLIENT_ID, AZURE_TENANT_ID,
AZURE_CLIENT_SECRET. For more info about how to get the value, please see:
https://docs.microsoft.com/azure/active-directory/develop/howto-create-service-principal-portal
"""
def main():
client = ApiManagementClient(
credential=DefaultAzureCredential(),
subscription_id="subid",
)
response = client.certificate.create_or_update(
resource_group_name="rg1",
service_name="apimService1",
certificate_id="templateCertkv",
parameters={
"properties": {
"keyVault": {
"identityClientId": "ceaa6b06-c00f-43ef-99ac-f53d1fe876a0",
"secretIdentifier": "https://rpbvtkeyvaultintegration.vault-int.azure-int.net/secrets/msitestingCert",
}
}
},
)
print(response)
# x-ms-original-file: specification/apimanagement/resource-manager/Microsoft.ApiManagement/stable/2022-08-01/examples/ApiManagementCreateCertificateWithKeyVault.json
if __name__ == "__main__":
main()
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
package armapimanagement_test
import (
"context"
"log"
"github.com/Azure/azure-sdk-for-go/sdk/azcore/to"
"github.com/Azure/azure-sdk-for-go/sdk/azidentity"
"github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/apimanagement/armapimanagement/v2"
)
// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/4cd95123fb961c68740565a1efcaa5e43bd35802/specification/apimanagement/resource-manager/Microsoft.ApiManagement/stable/2022-08-01/examples/ApiManagementCreateCertificateWithKeyVault.json
func ExampleCertificateClient_CreateOrUpdate_apiManagementCreateCertificateWithKeyVault() {
cred, err := azidentity.NewDefaultAzureCredential(nil)
if err != nil {
log.Fatalf("failed to obtain a credential: %v", err)
}
ctx := context.Background()
clientFactory, err := armapimanagement.NewClientFactory("<subscription-id>", cred, nil)
if err != nil {
log.Fatalf("failed to create client: %v", err)
}
res, err := clientFactory.NewCertificateClient().CreateOrUpdate(ctx, "rg1", "apimService1", "templateCertkv", armapimanagement.CertificateCreateOrUpdateParameters{
Properties: &armapimanagement.CertificateCreateOrUpdateProperties{
KeyVault: &armapimanagement.KeyVaultContractCreateProperties{
IdentityClientID: to.Ptr("ceaa6b06-c00f-43ef-99ac-f53d1fe876a0"),
SecretIdentifier: to.Ptr("https://rpbvtkeyvaultintegration.vault-int.azure-int.net/secrets/msitestingCert"),
},
},
}, &armapimanagement.CertificateClientCreateOrUpdateOptions{IfMatch: nil})
if err != nil {
log.Fatalf("failed to finish the request: %v", err)
}
// You could use response here. We use blank identifier for just demo purposes.
_ = res
// If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes.
// res.CertificateContract = armapimanagement.CertificateContract{
// Name: to.Ptr("templateCertkv"),
// Type: to.Ptr("Microsoft.ApiManagement/service/certificates"),
// ID: to.Ptr("/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.ApiManagement/service/apimService1/certificates/templateCertkv"),
// Properties: &armapimanagement.CertificateContractProperties{
// ExpirationDate: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2037-01-01T07:00:00.000Z"); return t}()),
// KeyVault: &armapimanagement.KeyVaultContractProperties{
// IdentityClientID: to.Ptr("ceaa6b06-c00f-43ef-99ac-f53d1fe876a0"),
// SecretIdentifier: to.Ptr("https://rpbvtkeyvaultintegration.vault-int.azure-int.net/secrets/msitestingCert"),
// LastStatus: &armapimanagement.KeyVaultLastAccessStatusContractProperties{
// Code: to.Ptr("Success"),
// TimeStampUTC: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2020-09-22T00:24:53.319Z"); return t}()),
// },
// },
// Subject: to.Ptr("CN=*.msitesting.net"),
// Thumbprint: to.Ptr("EA**********************9AD690"),
// },
// }
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
const { ApiManagementClient } = require("@azure/arm-apimanagement");
const { DefaultAzureCredential } = require("@azure/identity");
/**
* This sample demonstrates how to Creates or updates the certificate being used for authentication with the backend.
*
* @summary Creates or updates the certificate being used for authentication with the backend.
* x-ms-original-file: specification/apimanagement/resource-manager/Microsoft.ApiManagement/stable/2022-08-01/examples/ApiManagementCreateCertificateWithKeyVault.json
*/
async function apiManagementCreateCertificateWithKeyVault() {
const subscriptionId = process.env["APIMANAGEMENT_SUBSCRIPTION_ID"] || "subid";
const resourceGroupName = process.env["APIMANAGEMENT_RESOURCE_GROUP"] || "rg1";
const serviceName = "apimService1";
const certificateId = "templateCertkv";
const parameters = {
keyVault: {
identityClientId: "ceaa6b06-c00f-43ef-99ac-f53d1fe876a0",
secretIdentifier:
"https://rpbvtkeyvaultintegration.vault-int.azure-int.net/secrets/msitestingCert",
},
};
const credential = new DefaultAzureCredential();
const client = new ApiManagementClient(credential, subscriptionId);
const result = await client.certificate.createOrUpdate(
resourceGroupName,
serviceName,
certificateId,
parameters
);
console.log(result);
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
Sample Response
{
"id": "/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.ApiManagement/service/apimService1/certificates/templateCertkv",
"type": "Microsoft.ApiManagement/service/certificates",
"name": "templateCertkv",
"properties": {
"subject": "CN=*.msitesting.net",
"thumbprint": "EA**********************9AD690",
"expirationDate": "2037-01-01T07:00:00Z",
"keyVault": {
"secretIdentifier": "https://rpbvtkeyvaultintegration.vault-int.azure-int.net/secrets/msitestingCert",
"identityClientId": "ceaa6b06-c00f-43ef-99ac-f53d1fe876a0",
"lastStatus": {
"code": "Success",
"timeStampUtc": "2020-09-22T00:24:53.3191468Z"
}
}
}
}
{
"id": "/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.ApiManagement/service/apimService1/certificates/templateCertkv",
"type": "Microsoft.ApiManagement/service/certificates",
"name": "templateCertkv",
"properties": {
"subject": "CN=*.msitesting.net",
"thumbprint": "EA**********************9AD690",
"expirationDate": "2037-01-01T07:00:00Z",
"keyVault": {
"secretIdentifier": "https://rpbvtkeyvaultintegration.vault-int.azure-int.net/secrets/msitestingCert",
"identityClientId": "ceaa6b06-c00f-43ef-99ac-f53d1fe876a0",
"lastStatus": {
"code": "Success",
"timeStampUtc": "2020-09-22T00:24:53.3191468Z"
}
}
}
}
Définitions
CertificateContract
Détails du certificat.
| Nom |
Type |
Description |
|
id
|
string
|
ID de ressource complet pour la ressource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}
|
|
name
|
string
|
nom de la ressource.
|
|
properties.expirationDate
|
string
|
Date d’expiration du certificat. La date est conforme au format suivant : yyyy-MM-ddTHH:mm:ssZ tel que spécifié par la norme ISO 8601.
|
|
properties.keyVault
|
KeyVaultContractProperties
|
Détails de l’emplacement du coffre de clés du certificat.
|
|
properties.subject
|
string
|
Attribut d'objet du certificat.
|
|
properties.thumbprint
|
string
|
Empreinte numérique du certificat.
|
|
type
|
string
|
Type de la ressource. Par exemple, « Microsoft.Compute/virtualMachines » ou « Microsoft.Storage/storageAccounts »
|
CertificateCreateOrUpdateParameters
Détails de la création ou de la mise à jour du certificat.
| Nom |
Type |
Description |
|
properties.data
|
string
|
Certificat codé en base 64 à l’aide de la représentation application/x-pkcs12.
|
|
properties.keyVault
|
KeyVaultContractCreateProperties
|
Détails de l’emplacement du coffre de clés du certificat.
|
|
properties.password
|
string
|
Mot de passe du certificat
|
ErrorFieldContract
Contrat de champ d’erreur.
| Nom |
Type |
Description |
|
code
|
string
|
Code d'erreur de niveau propriété.
|
|
message
|
string
|
Représentation lisible par l’homme de l’erreur au niveau des propriétés.
|
|
target
|
string
|
Nom de propriété.
|
ErrorResponse
Réponse d’erreur.
| Nom |
Type |
Description |
|
error.code
|
string
|
Code d'erreur défini par le service. Ce code sert de sous-état pour le code d'erreur HTTP spécifié dans la réponse.
|
|
error.details
|
ErrorFieldContract[]
|
Liste des champs non valides envoyés dans la demande, en cas d’erreur de validation.
|
|
error.message
|
string
|
Représentation contrôlable de visu de l’erreur.
|
KeyVaultContractCreateProperties
Créez les détails du contrat KeyVault.
| Nom |
Type |
Description |
|
identityClientId
|
string
|
Null pour SystemAssignedIdentity ou ID client pour UserAssignedIdentity , qui sera utilisé pour accéder au secret du coffre de clés.
|
|
secretIdentifier
|
string
|
Identificateur du secret du coffre de clés pour l’extraction du secret. La fourniture d’un secret avec version empêche l’actualisation automatique. Pour cela, Gestion des API service doit être configuré avec aka.ms/apimmsi
|
KeyVaultContractProperties
Détails du contrat KeyVault.
| Nom |
Type |
Description |
|
identityClientId
|
string
|
Null pour SystemAssignedIdentity ou ID client pour UserAssignedIdentity , qui sera utilisé pour accéder au secret du coffre de clés.
|
|
lastStatus
|
KeyVaultLastAccessStatusContractProperties
|
Dernière synchronisation et actualisation status de secret à partir du coffre de clés.
|
|
secretIdentifier
|
string
|
Identificateur du secret du coffre de clés pour l’extraction du secret. La fourniture d’un secret avec version empêche l’actualisation automatique. Pour cela, Gestion des API service doit être configuré avec aka.ms/apimmsi
|
KeyVaultLastAccessStatusContractProperties
Émettre les propriétés de mise à jour du contrat.
| Nom |
Type |
Description |
|
code
|
string
|
Dernier status code pour la synchronisation et l’actualisation du secret à partir du coffre de clés.
|
|
message
|
string
|
Les détails de l’erreur sont sinon vides.
|
|
timeStampUtc
|
string
|
Dernière fois que le secret a été accédé. La date est conforme au format suivant : yyyy-MM-ddTHH:mm:ssZ tel que spécifié par la norme ISO 8601.
|