App Service Certificate Orders - Create Or Update Certificate

Reference

Service:: App Service

API Version:: 2023-01-01

Description for Creates or updates a certificate and associates with key vault secret.

PUT https://management.azure.com/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.CertificateRegistration/certificateOrders/{certificateOrderName}/certificates/{name}?api-version=2023-01-01

URI Parameters

Name	In	Required	Type	Description
certificateOrderName	path	True	string	Name of the certificate order.
name	path	True	string	Name of the certificate.
resourceGroupName	path	True	string	Name of the resource group to which the resource belongs. Regex pattern: `^[-\w\._]+[^\.]$`
subscriptionId	path	True	string	Your Azure subscription ID. This is a GUID-formatted string (e.g. 00000000-0000-0000-0000-000000000000).
api-version	query	True	string	API Version

Request Body

Name	Required	Type	Description
location	True	string	Resource Location.
kind		string	Kind of resource.
properties.keyVaultId		string	Key Vault resource Id.
properties.keyVaultSecretName		string	Key Vault secret name.
tags		object	Resource tags.

Responses

Name	Type	Description
200 OK	AppServiceCertificateResource	App Service Certificate is created.
201 Created	AppServiceCertificateResource	App Service Certificate creation operation is in progress
Other Status Codes	DefaultErrorResponse	App Service error response.

Security

azure_auth

Azure Active Directory OAuth2 Flow

Type: oauth2
Flow: implicit
Authorization URL: https://login.microsoftonline.com/common/oauth2/authorize

Scopes

Name	Description
user_impersonation	impersonate your user account

Examples

Create Certificate

Sample Request

PUT https://management.azure.com/subscriptions/34adfa4f-cedf-4dc0-ba29-b6d1a69ab345/resourceGroups/testrg123/providers/Microsoft.CertificateRegistration/certificateOrders/SampleCertificateOrderName/certificates/SampleCertName1?api-version=2023-01-01

{
  "location": "Global",
  "properties": {
    "keyVaultId": "/subscriptions/34adfa4f-cedf-4dc0-ba29-b6d1a69ab345/resourcegroups/testrg123/providers/microsoft.keyvault/vaults/SamplevaultName",
    "keyVaultSecretName": "SampleSecretName1"
  }
}


import com.azure.resourcemanager.appservice.fluent.models.AppServiceCertificateResourceInner;

/**
 * Samples for AppServiceCertificateOrders CreateOrUpdateCertificate.
 */
public final class Main {
    /*
     * x-ms-original-file:
     * specification/web/resource-manager/Microsoft.CertificateRegistration/stable/2023-01-01/examples/
     * CreateAppServiceCertificate.json
     */
    /**
     * Sample code: Create Certificate.
     * 
     * @param azure The entry point for accessing resource management APIs in Azure.
     */
    public static void createCertificate(com.azure.resourcemanager.AzureResourceManager azure) {
        azure.webApps().manager().serviceClient().getAppServiceCertificateOrders().createOrUpdateCertificate(
            "testrg123", "SampleCertificateOrderName", "SampleCertName1",
            new AppServiceCertificateResourceInner().withLocation("Global").withKeyVaultId("fakeTokenPlaceholder")
                .withKeyVaultSecretName("fakeTokenPlaceholder"),
            com.azure.core.util.Context.NONE);
    }
}

To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue

from azure.identity import DefaultAzureCredential
from azure.mgmt.web import WebSiteManagementClient

"""
# PREREQUISITES
    pip install azure-identity
    pip install azure-mgmt-web
# USAGE
    python create_app_service_certificate.py

    Before run the sample, please set the values of the client ID, tenant ID and client secret
    of the AAD application as environment variables: AZURE_CLIENT_ID, AZURE_TENANT_ID,
    AZURE_CLIENT_SECRET. For more info about how to get the value, please see:
    https://docs.microsoft.com/azure/active-directory/develop/howto-create-service-principal-portal
"""


def main():
    client = WebSiteManagementClient(
        credential=DefaultAzureCredential(),
        subscription_id="34adfa4f-cedf-4dc0-ba29-b6d1a69ab345",
    )

    response = client.app_service_certificate_orders.begin_create_or_update_certificate(
        resource_group_name="testrg123",
        certificate_order_name="SampleCertificateOrderName",
        name="SampleCertName1",
        key_vault_certificate={
            "location": "Global",
            "properties": {
                "keyVaultId": "/subscriptions/34adfa4f-cedf-4dc0-ba29-b6d1a69ab345/resourcegroups/testrg123/providers/microsoft.keyvault/vaults/SamplevaultName",
                "keyVaultSecretName": "SampleSecretName1",
            },
        },
    ).result()
    print(response)


# x-ms-original-file: specification/web/resource-manager/Microsoft.CertificateRegistration/stable/2023-01-01/examples/CreateAppServiceCertificate.json
if __name__ == "__main__":
    main()

To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue

package armappservice_test

import (
	"context"
	"log"

	"github.com/Azure/azure-sdk-for-go/sdk/azcore/to"
	"github.com/Azure/azure-sdk-for-go/sdk/azidentity"
	"github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/appservice/armappservice/v2"
)

// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/738ab25fe76324897f273645906d4a0415068a6c/specification/web/resource-manager/Microsoft.CertificateRegistration/stable/2023-01-01/examples/CreateAppServiceCertificate.json
func ExampleCertificateOrdersClient_BeginCreateOrUpdateCertificate() {
	cred, err := azidentity.NewDefaultAzureCredential(nil)
	if err != nil {
		log.Fatalf("failed to obtain a credential: %v", err)
	}
	ctx := context.Background()
	clientFactory, err := armappservice.NewClientFactory("<subscription-id>", cred, nil)
	if err != nil {
		log.Fatalf("failed to create client: %v", err)
	}
	poller, err := clientFactory.NewCertificateOrdersClient().BeginCreateOrUpdateCertificate(ctx, "testrg123", "SampleCertificateOrderName", "SampleCertName1", armappservice.CertificateResource{
		Location: to.Ptr("Global"),
		Properties: &armappservice.Certificate{
			KeyVaultID:         to.Ptr("/subscriptions/34adfa4f-cedf-4dc0-ba29-b6d1a69ab345/resourcegroups/testrg123/providers/microsoft.keyvault/vaults/SamplevaultName"),
			KeyVaultSecretName: to.Ptr("SampleSecretName1"),
		},
	}, nil)
	if err != nil {
		log.Fatalf("failed to finish the request: %v", err)
	}
	res, err := poller.PollUntilDone(ctx, nil)
	if err != nil {
		log.Fatalf("failed to pull the result: %v", err)
	}
	// You could use response here. We use blank identifier for just demo purposes.
	_ = res
	// If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes.
	// res.CertificateResource = armappservice.CertificateResource{
	// 	Name: to.Ptr("SampleCertName1"),
	// 	Type: to.Ptr("Microsoft.CertificateRegistration/certificateOrders/certificates"),
	// 	ID: to.Ptr("/subscriptions/34adfa4f-cedf-4dc0-ba29-b6d1a69ab345/resourceGroups/testrg123/providers/Microsoft.CertificateRegistration/certificateOrders/SampleCertificateOrderName/certificates/SampleCertName1"),
	// 	Location: to.Ptr("Global"),
	// 	Properties: &armappservice.Certificate{
	// 		KeyVaultID: to.Ptr("/subscriptions/34adfa4f-cedf-4dc0-ba29-b6d1a69ab345/resourcegroups/testrg123/providers/microsoft.keyvault/vaults/SamplevaultName"),
	// 		KeyVaultSecretName: to.Ptr("SampleSecretName1"),
	// 		ProvisioningState: to.Ptr(armappservice.KeyVaultSecretStatusSucceeded),
	// 	},
	// }
}

To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue

const { WebSiteManagementClient } = require("@azure/arm-appservice");
const { DefaultAzureCredential } = require("@azure/identity");

/**
 * This sample demonstrates how to Description for Creates or updates a certificate and associates with key vault secret.
 *
 * @summary Description for Creates or updates a certificate and associates with key vault secret.
 * x-ms-original-file: specification/web/resource-manager/Microsoft.CertificateRegistration/stable/2023-01-01/examples/CreateAppServiceCertificate.json
 */
async function createCertificate() {
  const subscriptionId =
    process.env["APPSERVICE_SUBSCRIPTION_ID"] || "34adfa4f-cedf-4dc0-ba29-b6d1a69ab345";
  const resourceGroupName = process.env["APPSERVICE_RESOURCE_GROUP"] || "testrg123";
  const certificateOrderName = "SampleCertificateOrderName";
  const name = "SampleCertName1";
  const keyVaultCertificate = {
    keyVaultId:
      "/subscriptions/34adfa4f-cedf-4dc0-ba29-b6d1a69ab345/resourcegroups/testrg123/providers/microsoft.keyvault/vaults/SamplevaultName",
    keyVaultSecretName: "SampleSecretName1",
    location: "Global",
  };
  const credential = new DefaultAzureCredential();
  const client = new WebSiteManagementClient(credential, subscriptionId);
  const result = await client.appServiceCertificateOrders.beginCreateOrUpdateCertificateAndWait(
    resourceGroupName,
    certificateOrderName,
    name,
    keyVaultCertificate
  );
  console.log(result);
}

To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue

Sample Response

Status code:: 200

{
  "id": "/subscriptions/34adfa4f-cedf-4dc0-ba29-b6d1a69ab345/resourceGroups/testrg123/providers/Microsoft.CertificateRegistration/certificateOrders/SampleCertificateOrderName/certificates/SampleCertName1",
  "name": "SampleCertName1",
  "type": "Microsoft.CertificateRegistration/certificateOrders/certificates",
  "location": "Global",
  "properties": {
    "keyVaultId": "/subscriptions/34adfa4f-cedf-4dc0-ba29-b6d1a69ab345/resourcegroups/testrg123/providers/microsoft.keyvault/vaults/SamplevaultName",
    "keyVaultSecretName": "SampleSecretName1",
    "provisioningState": "Succeeded"
  }
}

Status code:: 201

{
  "id": "/subscriptions/34adfa4f-cedf-4dc0-ba29-b6d1a69ab345/resourceGroups/testrg123/providers/Microsoft.CertificateRegistration/certificateOrders/SampleCertificateOrderName/certificates/SampleCertName1",
  "name": "SampleCertName1",
  "type": "Microsoft.CertificateRegistration/certificateOrders/certificates",
  "location": "Global",
  "properties": {
    "keyVaultId": "/subscriptions/34adfa4f-cedf-4dc0-ba29-b6d1a69ab345/resourcegroups/testrg123/providers/microsoft.keyvault/vaults/SamplevaultName",
    "keyVaultSecretName": "SampleSecretName1",
    "provisioningState": "Succeeded"
  }
}

Definitions

Name	Description
AppServiceCertificateResource	Key Vault container ARM resource for a certificate that is purchased through Azure.
DefaultErrorResponse	App Service error response.
Details
Error	Error model.
KeyVaultSecretStatus	Status of the Key Vault secret.

AppServiceCertificateResource

Key Vault container ARM resource for a certificate that is purchased through Azure.

Name	Type	Description
id	string	Resource Id.
kind	string	Kind of resource.
location	string	Resource Location.
name	string	Resource Name.
properties.keyVaultId	string	Key Vault resource Id.
properties.keyVaultSecretName	string	Key Vault secret name.
properties.provisioningState	KeyVaultSecretStatus	Status of the Key Vault secret.
tags	object	Resource tags.
type	string	Resource type.

DefaultErrorResponse

App Service error response.

Name	Type	Description
error	Error	Error model.

Details

Name	Type	Description
code	string	Standardized string to programmatically identify the error.
message	string	Detailed error description and debugging information.
target	string	Detailed error description and debugging information.

Error

Error model.

Name	Type	Description
code	string	Standardized string to programmatically identify the error.
details	Details[]	Detailed errors.
innererror	string	More information to debug error.
message	string	Detailed error description and debugging information.
target	string	Detailed error description and debugging information.

KeyVaultSecretStatus

Status of the Key Vault secret.

Name	Type	Description
AzureServiceUnauthorizedToAccessKeyVault	string
CertificateOrderFailed	string
ExternalPrivateKey	string
Initialized	string
KeyVaultDoesNotExist	string
KeyVaultSecretDoesNotExist	string
OperationNotPermittedOnKeyVault	string
Succeeded	string
Unknown	string
UnknownError	string
WaitingOnCertificateOrder	string

App Service Certificate Orders - Create Or Update Certificate

URI Parameters

Request Body

Responses

Security

azure_auth

Scopes

Examples

Create Certificate

Sample Request

Sample Response

Definitions

AppServiceCertificateResource

DefaultErrorResponse

Details

Error

KeyVaultSecretStatus

Additional resources