Crea o actualiza el certificado que se usa para la autenticación con el servidor back-end.
PUT https://management.azure.com/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ApiManagement/service/{serviceName}/certificates/{certificateId}?api-version=2022-08-01
Parámetros de identificador URI
Nombre |
En |
Requerido |
Tipo |
Description |
certificateId
|
path |
True
|
string
|
Identificador de la entidad de certificado. Debe ser único en la instancia de servicio de API Management actual.
Regex pattern: ^[^*#&+:<>?]+$
|
resourceGroupName
|
path |
True
|
string
|
Nombre del grupo de recursos. El nombre distingue mayúsculas de minúsculas.
|
serviceName
|
path |
True
|
string
|
Nombre del servicio API Management.
Regex pattern: ^[a-zA-Z](?:[a-zA-Z0-9-]*[a-zA-Z0-9])?$
|
subscriptionId
|
path |
True
|
string
|
Identificador de la suscripción de destino.
|
api-version
|
query |
True
|
string
|
Versión de API que se usará para la operación.
|
Nombre |
Requerido |
Tipo |
Description |
If-Match
|
|
string
|
ETag de la entidad. No es necesario al crear una entidad, pero es necesario al actualizar una entidad.
|
Cuerpo de la solicitud
Nombre |
Tipo |
Description |
properties.data
|
string
|
Certificado codificado en base 64 mediante la representación application/x-pkcs12.
|
properties.keyVault
|
KeyVaultContractCreateProperties
|
Detalles de ubicación de KeyVault del certificado.
|
properties.password
|
string
|
Contraseña del certificado
|
Respuestas
Nombre |
Tipo |
Description |
200 OK
|
CertificateContract
|
Los detalles del certificado se actualizaron correctamente.
Headers
ETag: string
|
201 Created
|
CertificateContract
|
El nuevo certificado se ha agregado correctamente.
Headers
ETag: string
|
Other Status Codes
|
ErrorResponse
|
Respuesta de error que describe el motivo del error de la operación.
|
Seguridad
azure_auth
Flujo de OAuth2 de Azure Active Directory.
Type:
oauth2
Flow:
implicit
Authorization URL:
https://login.microsoftonline.com/common/oauth2/authorize
Scopes
Nombre |
Description |
user_impersonation
|
suplantación de su cuenta de usuario
|
Ejemplos
ApiManagementCreateCertificate
Sample Request
PUT https://management.azure.com/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.ApiManagement/service/apimService1/certificates/tempcert?api-version=2022-08-01
{
"properties": {
"data": "****************Base 64 Encoded Certificate *******************************",
"password": "****Certificate Password******"
}
}
/** Samples for Certificate CreateOrUpdate. */
public final class Main {
/*
* x-ms-original-file: specification/apimanagement/resource-manager/Microsoft.ApiManagement/stable/2022-08-01/examples/ApiManagementCreateCertificate.json
*/
/**
* Sample code: ApiManagementCreateCertificate.
*
* @param manager Entry point to ApiManagementManager.
*/
public static void apiManagementCreateCertificate(
com.azure.resourcemanager.apimanagement.ApiManagementManager manager) {
manager
.certificates()
.define("tempcert")
.withExistingService("rg1", "apimService1")
.withData("****************Base 64 Encoded Certificate *******************************")
.withPassword("****Certificate Password******")
.create();
}
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
from typing import Any, IO, Union
from azure.identity import DefaultAzureCredential
from azure.mgmt.apimanagement import ApiManagementClient
"""
# PREREQUISITES
pip install azure-identity
pip install azure-mgmt-apimanagement
# USAGE
python api_management_create_certificate.py
Before run the sample, please set the values of the client ID, tenant ID and client secret
of the AAD application as environment variables: AZURE_CLIENT_ID, AZURE_TENANT_ID,
AZURE_CLIENT_SECRET. For more info about how to get the value, please see:
https://docs.microsoft.com/azure/active-directory/develop/howto-create-service-principal-portal
"""
def main():
client = ApiManagementClient(
credential=DefaultAzureCredential(),
subscription_id="subid",
)
response = client.certificate.create_or_update(
resource_group_name="rg1",
service_name="apimService1",
certificate_id="tempcert",
parameters={
"properties": {
"data": "****************Base 64 Encoded Certificate *******************************",
"password": "****Certificate Password******",
}
},
)
print(response)
# x-ms-original-file: specification/apimanagement/resource-manager/Microsoft.ApiManagement/stable/2022-08-01/examples/ApiManagementCreateCertificate.json
if __name__ == "__main__":
main()
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
package armapimanagement_test
import (
"context"
"log"
"github.com/Azure/azure-sdk-for-go/sdk/azcore/to"
"github.com/Azure/azure-sdk-for-go/sdk/azidentity"
"github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/apimanagement/armapimanagement/v2"
)
// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/4cd95123fb961c68740565a1efcaa5e43bd35802/specification/apimanagement/resource-manager/Microsoft.ApiManagement/stable/2022-08-01/examples/ApiManagementCreateCertificate.json
func ExampleCertificateClient_CreateOrUpdate_apiManagementCreateCertificate() {
cred, err := azidentity.NewDefaultAzureCredential(nil)
if err != nil {
log.Fatalf("failed to obtain a credential: %v", err)
}
ctx := context.Background()
clientFactory, err := armapimanagement.NewClientFactory("<subscription-id>", cred, nil)
if err != nil {
log.Fatalf("failed to create client: %v", err)
}
res, err := clientFactory.NewCertificateClient().CreateOrUpdate(ctx, "rg1", "apimService1", "tempcert", armapimanagement.CertificateCreateOrUpdateParameters{
Properties: &armapimanagement.CertificateCreateOrUpdateProperties{
Data: to.Ptr("****************Base 64 Encoded Certificate *******************************"),
Password: to.Ptr("****Certificate Password******"),
},
}, &armapimanagement.CertificateClientCreateOrUpdateOptions{IfMatch: nil})
if err != nil {
log.Fatalf("failed to finish the request: %v", err)
}
// You could use response here. We use blank identifier for just demo purposes.
_ = res
// If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes.
// res.CertificateContract = armapimanagement.CertificateContract{
// Name: to.Ptr("tempcert"),
// Type: to.Ptr("Microsoft.ApiManagement/service/certificates"),
// ID: to.Ptr("/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.ApiManagement/service/apimService1/certificates/tempcert"),
// Properties: &armapimanagement.CertificateContractProperties{
// ExpirationDate: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2018-03-17T21:55:07.000Z"); return t}()),
// Subject: to.Ptr("CN=contoso.com"),
// Thumbprint: to.Ptr("*******************3"),
// },
// }
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
const { ApiManagementClient } = require("@azure/arm-apimanagement");
const { DefaultAzureCredential } = require("@azure/identity");
/**
* This sample demonstrates how to Creates or updates the certificate being used for authentication with the backend.
*
* @summary Creates or updates the certificate being used for authentication with the backend.
* x-ms-original-file: specification/apimanagement/resource-manager/Microsoft.ApiManagement/stable/2022-08-01/examples/ApiManagementCreateCertificate.json
*/
async function apiManagementCreateCertificate() {
const subscriptionId = process.env["APIMANAGEMENT_SUBSCRIPTION_ID"] || "subid";
const resourceGroupName = process.env["APIMANAGEMENT_RESOURCE_GROUP"] || "rg1";
const serviceName = "apimService1";
const certificateId = "tempcert";
const parameters = {
data: "****************Base 64 Encoded Certificate *******************************",
password: "****Certificate Password******",
};
const credential = new DefaultAzureCredential();
const client = new ApiManagementClient(credential, subscriptionId);
const result = await client.certificate.createOrUpdate(
resourceGroupName,
serviceName,
certificateId,
parameters
);
console.log(result);
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
Sample Response
{
"id": "/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.ApiManagement/service/apimService1/certificates/tempcert",
"type": "Microsoft.ApiManagement/service/certificates",
"name": "tempcert",
"properties": {
"subject": "CN=contoso.com",
"thumbprint": "*******************3",
"expirationDate": "2018-03-17T21:55:07+00:00"
}
}
{
"id": "/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.ApiManagement/service/apimService1/certificates/tempcert",
"type": "Microsoft.ApiManagement/service/certificates",
"name": "tempcert",
"properties": {
"subject": "CN=contoso.com",
"thumbprint": "*******************3",
"expirationDate": "2018-03-17T21:55:07+00:00"
}
}
ApiManagementCreateCertificateWithKeyVault
Sample Request
PUT https://management.azure.com/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.ApiManagement/service/apimService1/certificates/templateCertkv?api-version=2022-08-01
{
"properties": {
"keyVault": {
"identityClientId": "ceaa6b06-c00f-43ef-99ac-f53d1fe876a0",
"secretIdentifier": "https://rpbvtkeyvaultintegration.vault-int.azure-int.net/secrets/msitestingCert"
}
}
}
import com.azure.resourcemanager.apimanagement.models.KeyVaultContractCreateProperties;
/** Samples for Certificate CreateOrUpdate. */
public final class Main {
/*
* x-ms-original-file: specification/apimanagement/resource-manager/Microsoft.ApiManagement/stable/2022-08-01/examples/ApiManagementCreateCertificateWithKeyVault.json
*/
/**
* Sample code: ApiManagementCreateCertificateWithKeyVault.
*
* @param manager Entry point to ApiManagementManager.
*/
public static void apiManagementCreateCertificateWithKeyVault(
com.azure.resourcemanager.apimanagement.ApiManagementManager manager) {
manager
.certificates()
.define("templateCertkv")
.withExistingService("rg1", "apimService1")
.withKeyVault(
new KeyVaultContractCreateProperties()
.withSecretIdentifier("fakeTokenPlaceholder")
.withIdentityClientId("ceaa6b06-c00f-43ef-99ac-f53d1fe876a0"))
.create();
}
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
from typing import Any, IO, Union
from azure.identity import DefaultAzureCredential
from azure.mgmt.apimanagement import ApiManagementClient
"""
# PREREQUISITES
pip install azure-identity
pip install azure-mgmt-apimanagement
# USAGE
python api_management_create_certificate_with_key_vault.py
Before run the sample, please set the values of the client ID, tenant ID and client secret
of the AAD application as environment variables: AZURE_CLIENT_ID, AZURE_TENANT_ID,
AZURE_CLIENT_SECRET. For more info about how to get the value, please see:
https://docs.microsoft.com/azure/active-directory/develop/howto-create-service-principal-portal
"""
def main():
client = ApiManagementClient(
credential=DefaultAzureCredential(),
subscription_id="subid",
)
response = client.certificate.create_or_update(
resource_group_name="rg1",
service_name="apimService1",
certificate_id="templateCertkv",
parameters={
"properties": {
"keyVault": {
"identityClientId": "ceaa6b06-c00f-43ef-99ac-f53d1fe876a0",
"secretIdentifier": "https://rpbvtkeyvaultintegration.vault-int.azure-int.net/secrets/msitestingCert",
}
}
},
)
print(response)
# x-ms-original-file: specification/apimanagement/resource-manager/Microsoft.ApiManagement/stable/2022-08-01/examples/ApiManagementCreateCertificateWithKeyVault.json
if __name__ == "__main__":
main()
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
package armapimanagement_test
import (
"context"
"log"
"github.com/Azure/azure-sdk-for-go/sdk/azcore/to"
"github.com/Azure/azure-sdk-for-go/sdk/azidentity"
"github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/apimanagement/armapimanagement/v2"
)
// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/4cd95123fb961c68740565a1efcaa5e43bd35802/specification/apimanagement/resource-manager/Microsoft.ApiManagement/stable/2022-08-01/examples/ApiManagementCreateCertificateWithKeyVault.json
func ExampleCertificateClient_CreateOrUpdate_apiManagementCreateCertificateWithKeyVault() {
cred, err := azidentity.NewDefaultAzureCredential(nil)
if err != nil {
log.Fatalf("failed to obtain a credential: %v", err)
}
ctx := context.Background()
clientFactory, err := armapimanagement.NewClientFactory("<subscription-id>", cred, nil)
if err != nil {
log.Fatalf("failed to create client: %v", err)
}
res, err := clientFactory.NewCertificateClient().CreateOrUpdate(ctx, "rg1", "apimService1", "templateCertkv", armapimanagement.CertificateCreateOrUpdateParameters{
Properties: &armapimanagement.CertificateCreateOrUpdateProperties{
KeyVault: &armapimanagement.KeyVaultContractCreateProperties{
IdentityClientID: to.Ptr("ceaa6b06-c00f-43ef-99ac-f53d1fe876a0"),
SecretIdentifier: to.Ptr("https://rpbvtkeyvaultintegration.vault-int.azure-int.net/secrets/msitestingCert"),
},
},
}, &armapimanagement.CertificateClientCreateOrUpdateOptions{IfMatch: nil})
if err != nil {
log.Fatalf("failed to finish the request: %v", err)
}
// You could use response here. We use blank identifier for just demo purposes.
_ = res
// If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes.
// res.CertificateContract = armapimanagement.CertificateContract{
// Name: to.Ptr("templateCertkv"),
// Type: to.Ptr("Microsoft.ApiManagement/service/certificates"),
// ID: to.Ptr("/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.ApiManagement/service/apimService1/certificates/templateCertkv"),
// Properties: &armapimanagement.CertificateContractProperties{
// ExpirationDate: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2037-01-01T07:00:00.000Z"); return t}()),
// KeyVault: &armapimanagement.KeyVaultContractProperties{
// IdentityClientID: to.Ptr("ceaa6b06-c00f-43ef-99ac-f53d1fe876a0"),
// SecretIdentifier: to.Ptr("https://rpbvtkeyvaultintegration.vault-int.azure-int.net/secrets/msitestingCert"),
// LastStatus: &armapimanagement.KeyVaultLastAccessStatusContractProperties{
// Code: to.Ptr("Success"),
// TimeStampUTC: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2020-09-22T00:24:53.319Z"); return t}()),
// },
// },
// Subject: to.Ptr("CN=*.msitesting.net"),
// Thumbprint: to.Ptr("EA**********************9AD690"),
// },
// }
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
const { ApiManagementClient } = require("@azure/arm-apimanagement");
const { DefaultAzureCredential } = require("@azure/identity");
/**
* This sample demonstrates how to Creates or updates the certificate being used for authentication with the backend.
*
* @summary Creates or updates the certificate being used for authentication with the backend.
* x-ms-original-file: specification/apimanagement/resource-manager/Microsoft.ApiManagement/stable/2022-08-01/examples/ApiManagementCreateCertificateWithKeyVault.json
*/
async function apiManagementCreateCertificateWithKeyVault() {
const subscriptionId = process.env["APIMANAGEMENT_SUBSCRIPTION_ID"] || "subid";
const resourceGroupName = process.env["APIMANAGEMENT_RESOURCE_GROUP"] || "rg1";
const serviceName = "apimService1";
const certificateId = "templateCertkv";
const parameters = {
keyVault: {
identityClientId: "ceaa6b06-c00f-43ef-99ac-f53d1fe876a0",
secretIdentifier:
"https://rpbvtkeyvaultintegration.vault-int.azure-int.net/secrets/msitestingCert",
},
};
const credential = new DefaultAzureCredential();
const client = new ApiManagementClient(credential, subscriptionId);
const result = await client.certificate.createOrUpdate(
resourceGroupName,
serviceName,
certificateId,
parameters
);
console.log(result);
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
Sample Response
{
"id": "/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.ApiManagement/service/apimService1/certificates/templateCertkv",
"type": "Microsoft.ApiManagement/service/certificates",
"name": "templateCertkv",
"properties": {
"subject": "CN=*.msitesting.net",
"thumbprint": "EA**********************9AD690",
"expirationDate": "2037-01-01T07:00:00Z",
"keyVault": {
"secretIdentifier": "https://rpbvtkeyvaultintegration.vault-int.azure-int.net/secrets/msitestingCert",
"identityClientId": "ceaa6b06-c00f-43ef-99ac-f53d1fe876a0",
"lastStatus": {
"code": "Success",
"timeStampUtc": "2020-09-22T00:24:53.3191468Z"
}
}
}
}
{
"id": "/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.ApiManagement/service/apimService1/certificates/templateCertkv",
"type": "Microsoft.ApiManagement/service/certificates",
"name": "templateCertkv",
"properties": {
"subject": "CN=*.msitesting.net",
"thumbprint": "EA**********************9AD690",
"expirationDate": "2037-01-01T07:00:00Z",
"keyVault": {
"secretIdentifier": "https://rpbvtkeyvaultintegration.vault-int.azure-int.net/secrets/msitestingCert",
"identityClientId": "ceaa6b06-c00f-43ef-99ac-f53d1fe876a0",
"lastStatus": {
"code": "Success",
"timeStampUtc": "2020-09-22T00:24:53.3191468Z"
}
}
}
}
Definiciones
CertificateContract
Detalles del certificado.
Nombre |
Tipo |
Description |
id
|
string
|
Identificador de recurso completo del recurso. Por ejemplo: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}
|
name
|
string
|
Nombre del recurso.
|
properties.expirationDate
|
string
|
Fecha de expiración del certificado. La fecha se ajusta al siguiente formato: yyyy-MM-ddTHH:mm:ssZ según lo especificado por el estándar ISO 8601.
|
properties.keyVault
|
KeyVaultContractProperties
|
Detalles de ubicación de KeyVault del certificado.
|
properties.subject
|
string
|
Atributo Subject del certificado.
|
properties.thumbprint
|
string
|
Huella digital del certificado
|
type
|
string
|
Tipo de recurso. Por ejemplo, "Microsoft.Compute/virtualMachines" o "Microsoft.Storage/storageAccounts"
|
CertificateCreateOrUpdateParameters
Detalles de creación o actualización del certificado.
Nombre |
Tipo |
Description |
properties.data
|
string
|
Certificado codificado en base 64 mediante la representación application/x-pkcs12.
|
properties.keyVault
|
KeyVaultContractCreateProperties
|
Detalles de ubicación de KeyVault del certificado.
|
properties.password
|
string
|
Contraseña del certificado
|
ErrorFieldContract
Contrato de campo de error.
Nombre |
Tipo |
Description |
code
|
string
|
Código de error de nivel de propiedad.
|
message
|
string
|
Representación legible del error de nivel de propiedad.
|
target
|
string
|
Nombre de propiedad.
|
ErrorResponse
Respuesta de error.
Nombre |
Tipo |
Description |
error.code
|
string
|
Código del error definido por el servicio. Este código funciona como estado secundario del código de error HTTP especificado en la respuesta.
|
error.details
|
ErrorFieldContract[]
|
La lista de campos no válidos que se envían en la solicitud, en caso de error de validación.
|
error.message
|
string
|
Representación legible del error.
|
KeyVaultContractCreateProperties
Cree los detalles del contrato keyVault.
Nombre |
Tipo |
Description |
identityClientId
|
string
|
Null para SystemAssignedIdentity o Id. de cliente para UserAssignedIdentity, que se usará para acceder al secreto del almacén de claves.
|
secretIdentifier
|
string
|
Identificador de secreto del almacén de claves para capturar el secreto. Proporcionar un secreto con versiones impedirá la actualización automática. Esto requiere que API Management servicio se configure con aka.ms/apimmsi
|
KeyVaultContractProperties
Detalles del contrato de KeyVault.
Nombre |
Tipo |
Description |
identityClientId
|
string
|
Null para SystemAssignedIdentity o Id. de cliente para UserAssignedIdentity, que se usará para acceder al secreto del almacén de claves.
|
lastStatus
|
KeyVaultLastAccessStatusContractProperties
|
Última sincronización y actualización del estado del secreto del almacén de claves.
|
secretIdentifier
|
string
|
Identificador de secreto del almacén de claves para capturar el secreto. Proporcionar un secreto con versiones impedirá la actualización automática. Esto requiere que API Management servicio se configure con aka.ms/apimmsi
|
KeyVaultLastAccessStatusContractProperties
Emitir propiedades de actualización de contrato.
Nombre |
Tipo |
Description |
code
|
string
|
Último código de estado para la sincronización y actualización del secreto desde el almacén de claves.
|
message
|
string
|
Detalles del error en blanco.
|
timeStampUtc
|
string
|
Última vez que se obtuvo acceso al secreto. La fecha se ajusta al siguiente formato: yyyy-MM-ddTHH:mm:ssZ según lo especificado por el estándar ISO 8601.
|