CertificateClient Class

A high-level interface for managing a vault's certificates.

Inheritance
azure.keyvault.certificates._shared.client_base.KeyVaultClientBase
CertificateClient

Constructor

CertificateClient(vault_url, credential, **kwargs)

Parameters

vault_url
str
Required

URL of the vault the client will access. This is also called the vault's "DNS Name".

credential
Required

An object which can provide an access token for the vault, such as a credential from identity

api_version
ApiVersion
Required

version of the Key Vault API to use. Defaults to the most recent.

transport
HttpTransport
Required

transport to use. Defaults to RequestsTransport.

Examples

Create a new CertificateClient



   from azure.identity import DefaultAzureCredential
   from azure.keyvault.certificates import CertificateClient

   # Create a CertificateClient using default Azure credentials
   credential = DefaultAzureCredential()
   certificate_client = CertificateClient(vault_url=vault_url, credential=credential)


Methods

backup_certificate

Back up a certificate in a protected form useable only by Azure Key Vault.

Requires certificates/backup permission. This is intended to allow copying a certificate from one vault to another. Both vaults must be owned by the same Azure subscription. Also, backup / restore cannot be performed across geopolitical boundaries. For example, a backup from a vault in a USA region cannot be restored to a vault in an EU region.

begin_create_certificate

Creates a new certificate.

If this is the first version, the certificate resource is created. This operation requires the certificates/create permission. The poller requires the certificates/get permission, otherwise raises an HttpResponseError

Keyword arguments

  • enabled (bool) - Determines whether the object is enabled.

  • tags (dict[str, str]) - Application specific metadata in the form of key-value pairs.

begin_delete_certificate

Delete all versions of a certificate. Requires certificates/delete permission.

When this method returns Key Vault has begun deleting the certificate. Deletion may take several seconds in a vault with soft-delete enabled. This method therefore returns a poller enabling you to wait for deletion to complete.

begin_recover_deleted_certificate

Recover a deleted certificate to its latest version. Possible only in a vault with soft-delete enabled.

Requires certificates/recover permission.

When this method returns Key Vault has begun recovering the certificate. Recovery may take several seconds. This method therefore returns a poller enabling you to wait for recovery to complete. Waiting is only necessary when you want to use the recovered certificate in another operation immediately.

cancel_certificate_operation

Cancels an in-progress certificate operation. Requires the certificates/update permission.

create_issuer

Sets the specified certificate issuer. Requires certificates/setissuers permission.

delete_certificate_operation

Deletes and stops the creation operation for a specific certificate.

Requires the certificates/update permission.

delete_contacts

Deletes the certificate contacts for the key vault. Requires the certificates/managecontacts permission.

delete_issuer

Deletes the specified certificate issuer.

Requires certificates/manageissuers/deleteissuers permission.

get_certificate

Gets a certificate with its management policy attached. Requires certificates/get permission.

Does not accept the version of the certificate as a parameter. To get a specific version of the certificate, call <xref:azure.keyvault.certificates.get_certificate_version>.

get_certificate_operation

Gets the creation operation of a certificate. Requires the certificates/get permission.

get_certificate_policy

Gets the policy for a certificate. Requires certificates/get permission.

Returns the specified certificate policy resources in the key vault.

get_certificate_version

Gets a specific version of a certificate without returning its management policy.

Requires certificates/get permission. To get the latest version of the certificate, or to get the certificate's policy as well, call get_certificate.

get_contacts

Gets the certificate contacts for the key vault. Requires the certificates/managecontacts permission.

get_deleted_certificate

Get a deleted certificate. Possible only in a vault with soft-delete enabled.

Requires certificates/get permission. Retrieves the deleted certificate information plus its attributes, such as retention interval, scheduled permanent deletion, and the current deletion recovery level.

get_issuer

Gets the specified certificate issuer. Requires certificates/manageissuers/getissuers permission.

import_certificate

Import a certificate created externally. Requires certificates/import permission.

Imports an existing valid certificate, containing a private key, into Azure Key Vault. The certificate to be imported can be in either PFX or PEM format. If the certificate is in PEM format the PEM file must contain the key as well as x509 certificates.

list_deleted_certificates

Lists the currently-recoverable deleted certificates. Possible only if vault is soft-delete enabled.

Requires certificates/get/list permission. Retrieves the certificates in the current vault which are in a deleted state and ready for recovery or purging. This operation includes deletion-specific information.

list_properties_of_certificate_versions

List the identifiers and properties of a certificate's versions.

Requires certificates/list permission.

list_properties_of_certificates

List identifiers and properties of all certificates in the vault.

Requires certificates/list permission.

list_properties_of_issuers

Lists properties of the certificate issuers for the key vault.

Requires the certificates/manageissuers/getissuers permission.

merge_certificate

Merges a certificate or a certificate chain with a key pair existing on the server.

Requires the certificates/create permission. Performs the merging of a certificate or certificate chain with a key pair currently available in the service. Make sure when creating the certificate to merge using begin_create_certificate that you set its issuer to 'Unknown'. This way Key Vault knows that the certificate will not be signed by an issuer known to it.

purge_deleted_certificate

Permanently deletes a deleted certificate. Possible only in vaults with soft-delete enabled.

Requires certificates/purge permission.

Performs an irreversible deletion of the specified certificate, without possibility for recovery. The operation is not available if the recovery_level does not specify 'Purgeable'. This method is only necessary for purging a certificate before its scheduled_purge_date.

restore_certificate_backup

Restore a certificate backup to the vault. Requires certificates/restore permission.

This restores all versions of the certificate, with its name, attributes, and access control policies. If the certificate's name is already in use, restoring it will fail. Also, the target vault must be owned by the same Microsoft Azure subscription as the source vault.

set_contacts

Sets the certificate contacts for the key vault. Requires certificates/managecontacts permission.

update_certificate_policy

Updates the policy for a certificate. Requires certificiates/update permission.

Set specified members in the certificate policy. Leaves others as null.

update_certificate_properties

Change a certificate's properties. Requires certificates/update permission.

update_issuer

Updates the specified certificate issuer. Requires certificates/setissuers permission.

backup_certificate

Back up a certificate in a protected form useable only by Azure Key Vault.

Requires certificates/backup permission. This is intended to allow copying a certificate from one vault to another. Both vaults must be owned by the same Azure subscription. Also, backup / restore cannot be performed across geopolitical boundaries. For example, a backup from a vault in a USA region cannot be restored to a vault in an EU region.

backup_certificate(certificate_name, **kwargs)

Parameters

certificate_name
str
Required

The name of the certificate.

Returns

The backup blob containing the backed up certificate.

Return type

Exceptions

Examples

Get a certificate backup



   # backup certificate
   certificate_backup = certificate_client.backup_certificate(cert_name)

   # returns the raw bytes of the backed up certificate
   print(certificate_backup)


begin_create_certificate

Creates a new certificate.

If this is the first version, the certificate resource is created. This operation requires the certificates/create permission. The poller requires the certificates/get permission, otherwise raises an HttpResponseError

Keyword arguments

  • enabled (bool) - Determines whether the object is enabled.

  • tags (dict[str, str]) - Application specific metadata in the form of key-value pairs.

begin_create_certificate(certificate_name, policy, **kwargs)

Parameters

certificate_name
str
Required

The name of the certificate.

policy
CertificatePolicy
Required

The management policy for the certificate.

enabled
bool

Whether the certificate is enabled for use.

tags
dict[str, str]

Application specific metadata in the form of key-value pairs.

Returns

An LROPoller for the create certificate operation. Waiting on the poller gives you the certificate if creation is successful, the CertificateOperation if not.

Return type

Exceptions

Examples

Create a certificate


   from azure.keyvault.certificates import CertificatePolicy, CertificateContentType, WellKnownIssuerNames

   # specify the certificate policy
   cert_policy = CertificatePolicy(
       issuer_name=WellKnownIssuerNames.self,
       subject="CN=*.microsoft.com",
       san_dns_names=["sdk.azure-int.net"],
       exportable=True,
       key_type="RSA",
       key_size=2048,
       reuse_key=False,
       content_type=CertificateContentType.pkcs12,
       validity_in_months=24,
   )

   cert_name = "cert-name"
   # create a certificate with optional arguments, returns a long running operation poller
   certificate_operation_poller = certificate_client.begin_create_certificate(
       certificate_name=cert_name, policy=cert_policy
   )

   # Here we are waiting for the certificate creation operation to be completed
   certificate = certificate_operation_poller.result()

   # You can get the final status of the certificate operation poller using .result()
   print(certificate_operation_poller.result())

   print(certificate.id)
   print(certificate.name)
   print(certificate.policy.issuer_name)


begin_delete_certificate

Delete all versions of a certificate. Requires certificates/delete permission.

When this method returns Key Vault has begun deleting the certificate. Deletion may take several seconds in a vault with soft-delete enabled. This method therefore returns a poller enabling you to wait for deletion to complete.

begin_delete_certificate(certificate_name, **kwargs)

Parameters

certificate_name
str
Required

The name of the certificate to delete.

Returns

A poller for the delete certificate operation. The poller's result method returns the DeletedCertificate without waiting for deletion to complete. If the vault has soft-delete enabled and you want to immediately, permanently delete the certificate with <xref:azure.keyvault.certificates.purge_deleted_certificate>, call the poller's wait method first. It will block until the deletion is complete. The wait method requires certificates/get permission.

Return type

Exceptions

Examples

Delete a certificate



   # delete a certificate
   deleted_certificate = certificate_client.begin_delete_certificate(certificate.name).result()

   print(deleted_certificate.name)

   # if the vault has soft-delete enabled, the certificate's deleted date,
   # scheduled purge date, and recovery id are available
   print(deleted_certificate.deleted_on)
   print(deleted_certificate.scheduled_purge_date)
   print(deleted_certificate.recovery_id)


begin_recover_deleted_certificate

Recover a deleted certificate to its latest version. Possible only in a vault with soft-delete enabled.

Requires certificates/recover permission.

When this method returns Key Vault has begun recovering the certificate. Recovery may take several seconds. This method therefore returns a poller enabling you to wait for recovery to complete. Waiting is only necessary when you want to use the recovered certificate in another operation immediately.

begin_recover_deleted_certificate(certificate_name, **kwargs)

Parameters

certificate_name
str
Required

The name of the deleted certificate to recover

Returns

A poller for the recovery operation. The poller's result method returns the recovered KeyVaultCertificate without waiting for recovery to complete. If you want to use the recovered certificate immediately, call the poller's wait method, which blocks until the certificate is ready to use. The wait method requires certificate/get permission.

Return type

Exceptions

Examples

Recover a deleted certificate



   # recover a deleted certificate to its latest version (requires soft-delete enabled for the vault)
   recovered_certificate = certificate_client.begin_recover_deleted_certificate(cert_name).result()

   print(recovered_certificate.id)
   print(recovered_certificate.name)


cancel_certificate_operation

Cancels an in-progress certificate operation. Requires the certificates/update permission.

cancel_certificate_operation(certificate_name, **kwargs)

Parameters

certificate_name
str
Required

The name of the certificate.

Returns

The cancelled certificate operation

Return type

Exceptions

create_issuer

Sets the specified certificate issuer. Requires certificates/setissuers permission.

create_issuer(issuer_name, provider, **kwargs)

Parameters

issuer_name
str
Required

The name of the issuer.

provider
str
Required

The issuer provider.

enabled
bool

Whether the issuer is enabled for use.

account_id
str

The user name/account name/account id.

password
str

The password/secret/account key.

organization_id
str

Id of the organization

admin_contacts
list[AdministratorContact]

Contact details of the organization administrators of the certificate issuer.

Returns

The created CertificateIssuer

Return type

<xref:azure.keyvault.certificates.CertificateIssuer>

Exceptions

Examples

Create an issuer


   from azure.keyvault.certificates import AdministratorContact

   # First we specify the AdministratorContact for a issuer.
   admin_contacts = [
       AdministratorContact(first_name="John", last_name="Doe", email="admin@microsoft.com", phone="4255555555")
   ]

   issuer = certificate_client.create_issuer(
       issuer_name="issuer1",
       provider="Test",
       account_id="keyvaultuser",
       admin_contacts=admin_contacts,
       enabled=True,
   )

   print(issuer.name)
   print(issuer.provider)
   print(issuer.account_id)

   for contact in issuer.admin_contacts:
       print(contact.first_name)
       print(contact.last_name)
       print(contact.email)
       print(contact.phone)


delete_certificate_operation

Deletes and stops the creation operation for a specific certificate.

Requires the certificates/update permission.

delete_certificate_operation(certificate_name, **kwargs)

Parameters

certificate_name
str
Required

The name of the certificate.

Returns

The deleted CertificateOperation

Return type

Exceptions

delete_contacts

Deletes the certificate contacts for the key vault. Requires the certificates/managecontacts permission.

delete_contacts(**kwargs)

Returns

The deleted contacts for the key vault.

Return type

Exceptions

Examples

Delete contacts



   deleted_contacts = certificate_client.delete_contacts()

   for deleted_contact in deleted_contacts:
       print(deleted_contact.name)
       print(deleted_contact.email)
       print(deleted_contact.phone)


delete_issuer

Deletes the specified certificate issuer.

Requires certificates/manageissuers/deleteissuers permission.

delete_issuer(issuer_name, **kwargs)

Parameters

issuer_name
str
Required

The name of the issuer.

Returns

CertificateIssuer

Return type

<xref:azure.keyvault.certificates.CertificateIssuer>

Exceptions

Examples

Delete an issuer



   deleted_issuer = certificate_client.delete_issuer("issuer1")

   print(deleted_issuer.name)
   print(deleted_issuer.provider)
   print(deleted_issuer.account_id)

   for contact in deleted_issuer.admin_contacts:
       print(contact.first_name)
       print(contact.last_name)
       print(contact.email)
       print(contact.phone)


get_certificate

Gets a certificate with its management policy attached. Requires certificates/get permission.

Does not accept the version of the certificate as a parameter. To get a specific version of the certificate, call <xref:azure.keyvault.certificates.get_certificate_version>.

get_certificate(certificate_name, **kwargs)

Parameters

certificate_name
str
Required

The name of the certificate in the given vault.

Returns

An instance of KeyVaultCertificate

Return type

Exceptions

Examples

Get a certificate



   # get the certificate
   certificate = certificate_client.get_certificate(cert_name)

   print(certificate.id)
   print(certificate.name)
   print(certificate.policy.issuer_name)


get_certificate_operation

Gets the creation operation of a certificate. Requires the certificates/get permission.

get_certificate_operation(certificate_name, **kwargs)

Parameters

certificate_name
str
Required

The name of the certificate.

Returns

The created CertificateOperation

Return type

Exceptions

get_certificate_policy

Gets the policy for a certificate. Requires certificates/get permission.

Returns the specified certificate policy resources in the key vault.

get_certificate_policy(certificate_name, **kwargs)

Parameters

certificate_name
str
Required

The name of the certificate in a given key vault.

Returns

The certificate policy

Return type

Exceptions

get_certificate_version

Gets a specific version of a certificate without returning its management policy.

Requires certificates/get permission. To get the latest version of the certificate, or to get the certificate's policy as well, call get_certificate.

get_certificate_version(certificate_name, version, **kwargs)

Parameters

certificate_name
str
Required

The name of the certificate in the given vault.

version
str
Required

The version of the certificate.

Returns

An instance of KeyVaultCertificate

Return type

Exceptions

Examples

Get a certificate with a specific version



   certificate = certificate_client.get_certificate_version(cert_name, version)

   print(certificate.id)
   print(certificate.properties.version)


get_contacts

Gets the certificate contacts for the key vault. Requires the certificates/managecontacts permission.

get_contacts(**kwargs)

Returns

The certificate contacts for the key vault.

Return type

Exceptions

Examples

Get contacts



   contacts = certificate_client.get_contacts()

   # Loop through the certificate contacts for this key vault.
   for contact in contacts:
       print(contact.name)
       print(contact.email)
       print(contact.phone)


get_deleted_certificate

Get a deleted certificate. Possible only in a vault with soft-delete enabled.

Requires certificates/get permission. Retrieves the deleted certificate information plus its attributes, such as retention interval, scheduled permanent deletion, and the current deletion recovery level.

get_deleted_certificate(certificate_name, **kwargs)

Parameters

certificate_name
str
Required

The name of the certificate.

Returns

The deleted certificate

Return type

Exceptions

Examples

Get a deleted certificate



   # get a deleted certificate (requires soft-delete enabled for the vault)
   deleted_certificate = certificate_client.get_deleted_certificate(cert_name)
   print(deleted_certificate.name)

   # if the vault has soft-delete enabled, the certificate's deleted date,
   # scheduled purge date, and recovery id are available
   print(deleted_certificate.deleted_on)
   print(deleted_certificate.scheduled_purge_date)
   print(deleted_certificate.recovery_id)


get_issuer

Gets the specified certificate issuer. Requires certificates/manageissuers/getissuers permission.

get_issuer(issuer_name, **kwargs)

Parameters

issuer_name
str
Required

The name of the issuer.

Returns

The specified certificate issuer.

Return type

<xref:azure.keyvault.certificates.CertificateIssuer>

Exceptions

Examples

Get an issuer



   issuer = certificate_client.get_issuer("issuer1")

   print(issuer.name)
   print(issuer.provider)
   print(issuer.account_id)

   for contact in issuer.admin_contacts:
       print(contact.first_name)
       print(contact.last_name)
       print(contact.email)
       print(contact.phone)


import_certificate

Import a certificate created externally. Requires certificates/import permission.

Imports an existing valid certificate, containing a private key, into Azure Key Vault. The certificate to be imported can be in either PFX or PEM format. If the certificate is in PEM format the PEM file must contain the key as well as x509 certificates.

import_certificate(certificate_name, certificate_bytes, **kwargs)

Parameters

certificate_name
str
Required

The name of the certificate.

certificate_bytes
bytes
Required

Bytes of the certificate object to import. This certificate needs to contain the private key.

enabled
bool

Whether the certificate is enabled for use.

tags
dict[str, str]

Application specific metadata in the form of key-value pairs.

password
str

If the private key in the passed in certificate is encrypted, it is the password used for encryption.

policy
CertificatePolicy

The management policy for the certificate

Returns

The imported KeyVaultCertificate

Return type

Exceptions

list_deleted_certificates

Lists the currently-recoverable deleted certificates. Possible only if vault is soft-delete enabled.

Requires certificates/get/list permission. Retrieves the certificates in the current vault which are in a deleted state and ready for recovery or purging. This operation includes deletion-specific information.

list_deleted_certificates(**kwargs)

Parameters

include_pending
bool

Specifies whether to include certificates which are not completely deleted.

Returns

An iterator like instance of DeletedCertificate

Return type

Exceptions

Examples

List all the deleted certificates



   # get an iterator of deleted certificates (requires soft-delete enabled for the vault)
   deleted_certificates = certificate_client.list_deleted_certificates()

   for certificate in deleted_certificates:
       print(certificate.id)
       print(certificate.name)
       print(certificate.deleted_on)
       print(certificate.scheduled_purge_date)
       print(certificate.deleted_on)


list_properties_of_certificate_versions

List the identifiers and properties of a certificate's versions.

Requires certificates/list permission.

list_properties_of_certificate_versions(certificate_name, **kwargs)

Parameters

certificate_name
str
Required

The name of the certificate.

Returns

An iterator like instance of CertificateProperties

Return type

Exceptions

Examples

List all versions of a certificate



   # get an iterator of a certificate's versions
   certificate_versions = certificate_client.list_properties_of_certificate_versions(certificate_name)

   for certificate in certificate_versions:
       print(certificate.id)
       print(certificate.updated_on)
       print(certificate.version)


list_properties_of_certificates

List identifiers and properties of all certificates in the vault.

Requires certificates/list permission.

list_properties_of_certificates(**kwargs)

Parameters

include_pending
bool

Specifies whether to include certificates which are not completely provisioned.

Returns

An iterator like instance of CertificateProperties

Return type

Exceptions

Examples

List all certificates



   # get an iterator of certificates
   certificates = certificate_client.list_properties_of_certificates()

   for certificate in certificates:
       print(certificate.id)
       print(certificate.created_on)
       print(certificate.name)
       print(certificate.updated_on)
       print(certificate.enabled)


list_properties_of_issuers

Lists properties of the certificate issuers for the key vault.

Requires the certificates/manageissuers/getissuers permission.

list_properties_of_issuers(**kwargs)

Returns

An iterator like instance of Issuers

Return type

ItemPaged[<xref:azure.keyvault.certificates.CertificateIssuer>]

Exceptions

Examples

List issuers of a vault



   issuers = certificate_client.list_properties_of_issuers()

   for issuer in issuers:
       print(issuer.name)
       print(issuer.provider)


merge_certificate

Merges a certificate or a certificate chain with a key pair existing on the server.

Requires the certificates/create permission. Performs the merging of a certificate or certificate chain with a key pair currently available in the service. Make sure when creating the certificate to merge using begin_create_certificate that you set its issuer to 'Unknown'. This way Key Vault knows that the certificate will not be signed by an issuer known to it.

merge_certificate(certificate_name, x509_certificates, **kwargs)

Parameters

certificate_name
str
Required

The name of the certificate

x509_certificates
list[bytes]
Required

The certificate or the certificate chain to merge.

enabled
bool

Whether the certificate is enabled for use.

tags
dict[str, str]

Application specific metadata in the form of key-value pairs.

Returns

The merged certificate

Return type

Exceptions

purge_deleted_certificate

Permanently deletes a deleted certificate. Possible only in vaults with soft-delete enabled.

Requires certificates/purge permission.

Performs an irreversible deletion of the specified certificate, without possibility for recovery. The operation is not available if the recovery_level does not specify 'Purgeable'. This method is only necessary for purging a certificate before its scheduled_purge_date.

purge_deleted_certificate(certificate_name, **kwargs)

Parameters

certificate_name
str
Required

The name of the certificate

Returns

None

Return type

Exceptions

restore_certificate_backup

Restore a certificate backup to the vault. Requires certificates/restore permission.

This restores all versions of the certificate, with its name, attributes, and access control policies. If the certificate's name is already in use, restoring it will fail. Also, the target vault must be owned by the same Microsoft Azure subscription as the source vault.

restore_certificate_backup(backup, **kwargs)

Parameters

backup
bytes
Required

The backup blob associated with a certificate bundle.

Returns

The restored KeyVaultCertificate

Return type

Exceptions

Examples

Restore a certificate backup



   # restore a certificate backup
   restored_certificate = certificate_client.restore_certificate_backup(certificate_backup)

   print(restored_certificate.id)
   print(restored_certificate.name)
   print(restored_certificate.properties.version)


set_contacts

Sets the certificate contacts for the key vault. Requires certificates/managecontacts permission.

set_contacts(contacts, **kwargs)

Parameters

contacts
list[CertificateContact]
Required

The contact list for the vault certificates.

Returns

The created list of contacts

Return type

Exceptions

Examples

Create contacts


   from azure.keyvault.certificates import CertificateContact

   # Create a list of the contacts that you want to set for this key vault.
   contact_list = [
       CertificateContact(email="admin@contoso.com", name="John Doe", phone="1111111111"),
       CertificateContact(email="admin2@contoso.com", name="John Doe2", phone="2222222222"),
   ]

   contacts = certificate_client.set_contacts(contact_list)
   for contact in contacts:
       print(contact.name)
       print(contact.email)
       print(contact.phone)


update_certificate_policy

Updates the policy for a certificate. Requires certificiates/update permission.

Set specified members in the certificate policy. Leaves others as null.

update_certificate_policy(certificate_name, policy, **kwargs)

Parameters

certificate_name
str
Required

The name of the certificate in the given vault.

policy
CertificatePolicy
Required

The policy for the certificate.

Returns

The certificate policy

Return type

Exceptions

update_certificate_properties

Change a certificate's properties. Requires certificates/update permission.

update_certificate_properties(certificate_name, version=None, **kwargs)

Parameters

certificate_name
str
Required

The name of the certificate in the given key vault.

version
str
Required

The version of the certificate.

enabled
bool

Whether the certificate is enabled for use.

tags
dict[str, str]

Application specific metadata in the form of key-value pairs.

Returns

The updated KeyVaultCertificate

Return type

Exceptions

Examples

Update a certificate's attributes



   # update attributes of an existing certificate
   tags = {"foo": "updated tag"}
   updated_certificate = certificate_client.update_certificate_properties(
       certificate_name=certificate.name, tags=tags
   )

   print(updated_certificate.properties.version)
   print(updated_certificate.properties.updated_on)
   print(updated_certificate.properties.tags)


update_issuer

Updates the specified certificate issuer. Requires certificates/setissuers permission.

update_issuer(issuer_name, **kwargs)

Parameters

issuer_name
str
Required

The name of the issuer.

enabled
bool

Whether the issuer is enabled for use.

provider
str

The issuer provider

account_id
str

The user name/account name/account id.

password
str

The password/secret/account key.

organization_id
str

Id of the organization

admin_contacts
list[AdministratorContact]

Contact details of the organization administrators of the certificate issuer

Returns

The updated issuer

Return type

<xref:azure.keyvault.certificates.CertificateIssuer>

Exceptions