New-AzApiManagementCertificate

Creates an API Management certificate to be used during Authentication with Backend.

Syntax

New-AzApiManagementCertificate
   -Context <PsApiManagementContext>
   [-CertificateId <String>]
   [-PfxFilePath <String>]
   [-PfxPassword <String>]
   [-KeyVault <PsApiManagementKeyVaultEntity>]
   [-DefaultProfile <IAzureContextContainer>]
   [<CommonParameters>]
New-AzApiManagementCertificate
   -Context <PsApiManagementContext>
   [-CertificateId <String>]
   [-PfxBytes <Byte[]>]
   [-PfxPassword <String>]
   [-KeyVault <PsApiManagementKeyVaultEntity>]
   [-DefaultProfile <IAzureContextContainer>]
   [<CommonParameters>]

Description

The New-AzApiManagementCertificate cmdlet creates an Azure API Management certificate.

Examples

Example 1: Create and upload a certificate

$ApiMgmtContext = New-AzApiManagementContext -ResourceGroupName "Api-Default-WestUS" -ServiceName "contoso"
New-AzApiManagementCertificate -Context $ApiMgmtContext -PfxFilePath "C:\contoso\certificates\apimanagement.pfx" -PfxPassword "1111"

This command uploads a certificate to Api Management. This certificate can be used for mutual authentication with backend using policies.

Example 2

Creates an API Management certificate to be used during Authentication with Backend. (autogenerated)

New-AzApiManagementCertificate -CertificateId '0123456789' -Context <PsApiManagementContext> -PfxFilePath 'C:\contoso\certificates\apimanagement.pfx' -PfxPassword '1111'

Example 3 : Create a keyVault Certificate

$secretIdentifier = 'https://contoso.vault.azure.net/secrets/xxxx'
$keyvault = New-AzApiManagementKeyVaultObject -SecretIdentifier $secretIdentifier
$keyVaultcert = New-AzApiManagementCertificate -Context $context -CertificateId $kvcertId -KeyVault $keyvault

The first command creates a keyvault. The second command creates a certificate using secret from this keyvault.

Parameters

-CertificateId

Specifies the ID of the certificate to create. If you do not specify this parameter, an ID is generated for you.

Type:String
Position:Named
Default value:None
Required:False
Accept pipeline input:True
Accept wildcard characters:False

-Context

Specifies a PsApiManagementContext object.

Type:PsApiManagementContext
Position:Named
Default value:None
Required:True
Accept pipeline input:True
Accept wildcard characters:False

-DefaultProfile

The credentials, account, tenant, and subscription used for communication with azure.

Type:IAzureContextContainer
Aliases:AzContext, AzureRmContext, AzureCredential
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-KeyVault

KeyVault used to fetch certificate data.This parameter is required if -PfxFilePath not specified. See New-AzApiManagementKeyVaultObject for details.

Type:PsApiManagementKeyVaultEntity
Position:Named
Default value:None
Required:False
Accept pipeline input:True
Accept wildcard characters:False

-PfxBytes

Specifies an array of bytes of the certificate file in .pfx format. This parameter is required if you do not specify the PfxFilePath parameter.

Type:Byte[]
Position:Named
Default value:None
Required:False
Accept pipeline input:True
Accept wildcard characters:False

-PfxFilePath

Specifies the path to the certificate file in .pfx format to create and upload. This parameter is required if you do not specify the PfxBytes parameter.

Type:String
Position:Named
Default value:None
Required:False
Accept pipeline input:True
Accept wildcard characters:False

-PfxPassword

Specifies the password for the certificate.

Type:String
Position:Named
Default value:None
Required:False
Accept pipeline input:True
Accept wildcard characters:False

Inputs

PsApiManagementContext

String

Byte[]

Outputs

PsApiManagementCertificate