Cria ou atualiza o certificado que está a ser utilizado para autenticação com o back-end.
PUT https://management.azure.com/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ApiManagement/service/{serviceName}/certificates/{certificateId}?api-version=2022-08-01
Parâmetros do URI
Name |
Em |
Necessário |
Tipo |
Description |
certificateId
|
path |
True
|
string
|
Identificador da entidade de certificado. Tem de ser exclusivo na instância de serviço do Gestão de API atual.
Regex pattern: ^[^*#&+:<>?]+$
|
resourceGroupName
|
path |
True
|
string
|
O nome do grupo de recursos. O nome não é sensível a maiúsculas e minúsculas.
|
serviceName
|
path |
True
|
string
|
O nome do serviço Gestão de API.
Regex pattern: ^[a-zA-Z](?:[a-zA-Z0-9-]*[a-zA-Z0-9])?$
|
subscriptionId
|
path |
True
|
string
|
O ID da subscrição de destino.
|
api-version
|
query |
True
|
string
|
A versão da API a utilizar para esta operação.
|
Name |
Necessário |
Tipo |
Description |
If-Match
|
|
string
|
ETag da Entidade. Não é necessário ao criar uma entidade, mas é necessário ao atualizar uma entidade.
|
Corpo do Pedido
Name |
Tipo |
Description |
properties.data
|
string
|
Certificado codificado base 64 com a representação application/x-pkcs12.
|
properties.keyVault
|
KeyVaultContractCreateProperties
|
Detalhes de localização do KeyVault do certificado.
|
properties.password
|
string
|
Palavra-passe do Certificado
|
Respostas
Name |
Tipo |
Description |
200 OK
|
CertificateContract
|
Os detalhes do certificado foram atualizados com êxito.
Headers
ETag: string
|
201 Created
|
CertificateContract
|
O novo certificado foi adicionado com êxito.
Headers
ETag: string
|
Other Status Codes
|
ErrorResponse
|
Resposta de erro que descreve o motivo pela qual a operação falhou.
|
Segurança
azure_auth
Fluxo OAuth2 do Azure Active Directory.
Type:
oauth2
Flow:
implicit
Authorization URL:
https://login.microsoftonline.com/common/oauth2/authorize
Scopes
Name |
Description |
user_impersonation
|
representar a sua conta de utilizador
|
Exemplos
ApiManagementCreateCertificate
Sample Request
PUT https://management.azure.com/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.ApiManagement/service/apimService1/certificates/tempcert?api-version=2022-08-01
{
"properties": {
"data": "****************Base 64 Encoded Certificate *******************************",
"password": "****Certificate Password******"
}
}
/** Samples for Certificate CreateOrUpdate. */
public final class Main {
/*
* x-ms-original-file: specification/apimanagement/resource-manager/Microsoft.ApiManagement/stable/2022-08-01/examples/ApiManagementCreateCertificate.json
*/
/**
* Sample code: ApiManagementCreateCertificate.
*
* @param manager Entry point to ApiManagementManager.
*/
public static void apiManagementCreateCertificate(
com.azure.resourcemanager.apimanagement.ApiManagementManager manager) {
manager
.certificates()
.define("tempcert")
.withExistingService("rg1", "apimService1")
.withData("****************Base 64 Encoded Certificate *******************************")
.withPassword("****Certificate Password******")
.create();
}
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
from typing import Any, IO, Union
from azure.identity import DefaultAzureCredential
from azure.mgmt.apimanagement import ApiManagementClient
"""
# PREREQUISITES
pip install azure-identity
pip install azure-mgmt-apimanagement
# USAGE
python api_management_create_certificate.py
Before run the sample, please set the values of the client ID, tenant ID and client secret
of the AAD application as environment variables: AZURE_CLIENT_ID, AZURE_TENANT_ID,
AZURE_CLIENT_SECRET. For more info about how to get the value, please see:
https://docs.microsoft.com/azure/active-directory/develop/howto-create-service-principal-portal
"""
def main():
client = ApiManagementClient(
credential=DefaultAzureCredential(),
subscription_id="subid",
)
response = client.certificate.create_or_update(
resource_group_name="rg1",
service_name="apimService1",
certificate_id="tempcert",
parameters={
"properties": {
"data": "****************Base 64 Encoded Certificate *******************************",
"password": "****Certificate Password******",
}
},
)
print(response)
# x-ms-original-file: specification/apimanagement/resource-manager/Microsoft.ApiManagement/stable/2022-08-01/examples/ApiManagementCreateCertificate.json
if __name__ == "__main__":
main()
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
package armapimanagement_test
import (
"context"
"log"
"github.com/Azure/azure-sdk-for-go/sdk/azcore/to"
"github.com/Azure/azure-sdk-for-go/sdk/azidentity"
"github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/apimanagement/armapimanagement/v2"
)
// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/4cd95123fb961c68740565a1efcaa5e43bd35802/specification/apimanagement/resource-manager/Microsoft.ApiManagement/stable/2022-08-01/examples/ApiManagementCreateCertificate.json
func ExampleCertificateClient_CreateOrUpdate_apiManagementCreateCertificate() {
cred, err := azidentity.NewDefaultAzureCredential(nil)
if err != nil {
log.Fatalf("failed to obtain a credential: %v", err)
}
ctx := context.Background()
clientFactory, err := armapimanagement.NewClientFactory("<subscription-id>", cred, nil)
if err != nil {
log.Fatalf("failed to create client: %v", err)
}
res, err := clientFactory.NewCertificateClient().CreateOrUpdate(ctx, "rg1", "apimService1", "tempcert", armapimanagement.CertificateCreateOrUpdateParameters{
Properties: &armapimanagement.CertificateCreateOrUpdateProperties{
Data: to.Ptr("****************Base 64 Encoded Certificate *******************************"),
Password: to.Ptr("****Certificate Password******"),
},
}, &armapimanagement.CertificateClientCreateOrUpdateOptions{IfMatch: nil})
if err != nil {
log.Fatalf("failed to finish the request: %v", err)
}
// You could use response here. We use blank identifier for just demo purposes.
_ = res
// If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes.
// res.CertificateContract = armapimanagement.CertificateContract{
// Name: to.Ptr("tempcert"),
// Type: to.Ptr("Microsoft.ApiManagement/service/certificates"),
// ID: to.Ptr("/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.ApiManagement/service/apimService1/certificates/tempcert"),
// Properties: &armapimanagement.CertificateContractProperties{
// ExpirationDate: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2018-03-17T21:55:07.000Z"); return t}()),
// Subject: to.Ptr("CN=contoso.com"),
// Thumbprint: to.Ptr("*******************3"),
// },
// }
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
const { ApiManagementClient } = require("@azure/arm-apimanagement");
const { DefaultAzureCredential } = require("@azure/identity");
/**
* This sample demonstrates how to Creates or updates the certificate being used for authentication with the backend.
*
* @summary Creates or updates the certificate being used for authentication with the backend.
* x-ms-original-file: specification/apimanagement/resource-manager/Microsoft.ApiManagement/stable/2022-08-01/examples/ApiManagementCreateCertificate.json
*/
async function apiManagementCreateCertificate() {
const subscriptionId = process.env["APIMANAGEMENT_SUBSCRIPTION_ID"] || "subid";
const resourceGroupName = process.env["APIMANAGEMENT_RESOURCE_GROUP"] || "rg1";
const serviceName = "apimService1";
const certificateId = "tempcert";
const parameters = {
data: "****************Base 64 Encoded Certificate *******************************",
password: "****Certificate Password******",
};
const credential = new DefaultAzureCredential();
const client = new ApiManagementClient(credential, subscriptionId);
const result = await client.certificate.createOrUpdate(
resourceGroupName,
serviceName,
certificateId,
parameters
);
console.log(result);
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
Sample Response
{
"id": "/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.ApiManagement/service/apimService1/certificates/tempcert",
"type": "Microsoft.ApiManagement/service/certificates",
"name": "tempcert",
"properties": {
"subject": "CN=contoso.com",
"thumbprint": "*******************3",
"expirationDate": "2018-03-17T21:55:07+00:00"
}
}
{
"id": "/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.ApiManagement/service/apimService1/certificates/tempcert",
"type": "Microsoft.ApiManagement/service/certificates",
"name": "tempcert",
"properties": {
"subject": "CN=contoso.com",
"thumbprint": "*******************3",
"expirationDate": "2018-03-17T21:55:07+00:00"
}
}
ApiManagementCreateCertificateWithKeyVault
Sample Request
PUT https://management.azure.com/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.ApiManagement/service/apimService1/certificates/templateCertkv?api-version=2022-08-01
{
"properties": {
"keyVault": {
"identityClientId": "ceaa6b06-c00f-43ef-99ac-f53d1fe876a0",
"secretIdentifier": "https://rpbvtkeyvaultintegration.vault-int.azure-int.net/secrets/msitestingCert"
}
}
}
import com.azure.resourcemanager.apimanagement.models.KeyVaultContractCreateProperties;
/** Samples for Certificate CreateOrUpdate. */
public final class Main {
/*
* x-ms-original-file: specification/apimanagement/resource-manager/Microsoft.ApiManagement/stable/2022-08-01/examples/ApiManagementCreateCertificateWithKeyVault.json
*/
/**
* Sample code: ApiManagementCreateCertificateWithKeyVault.
*
* @param manager Entry point to ApiManagementManager.
*/
public static void apiManagementCreateCertificateWithKeyVault(
com.azure.resourcemanager.apimanagement.ApiManagementManager manager) {
manager
.certificates()
.define("templateCertkv")
.withExistingService("rg1", "apimService1")
.withKeyVault(
new KeyVaultContractCreateProperties()
.withSecretIdentifier("fakeTokenPlaceholder")
.withIdentityClientId("ceaa6b06-c00f-43ef-99ac-f53d1fe876a0"))
.create();
}
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
from typing import Any, IO, Union
from azure.identity import DefaultAzureCredential
from azure.mgmt.apimanagement import ApiManagementClient
"""
# PREREQUISITES
pip install azure-identity
pip install azure-mgmt-apimanagement
# USAGE
python api_management_create_certificate_with_key_vault.py
Before run the sample, please set the values of the client ID, tenant ID and client secret
of the AAD application as environment variables: AZURE_CLIENT_ID, AZURE_TENANT_ID,
AZURE_CLIENT_SECRET. For more info about how to get the value, please see:
https://docs.microsoft.com/azure/active-directory/develop/howto-create-service-principal-portal
"""
def main():
client = ApiManagementClient(
credential=DefaultAzureCredential(),
subscription_id="subid",
)
response = client.certificate.create_or_update(
resource_group_name="rg1",
service_name="apimService1",
certificate_id="templateCertkv",
parameters={
"properties": {
"keyVault": {
"identityClientId": "ceaa6b06-c00f-43ef-99ac-f53d1fe876a0",
"secretIdentifier": "https://rpbvtkeyvaultintegration.vault-int.azure-int.net/secrets/msitestingCert",
}
}
},
)
print(response)
# x-ms-original-file: specification/apimanagement/resource-manager/Microsoft.ApiManagement/stable/2022-08-01/examples/ApiManagementCreateCertificateWithKeyVault.json
if __name__ == "__main__":
main()
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
package armapimanagement_test
import (
"context"
"log"
"github.com/Azure/azure-sdk-for-go/sdk/azcore/to"
"github.com/Azure/azure-sdk-for-go/sdk/azidentity"
"github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/apimanagement/armapimanagement/v2"
)
// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/4cd95123fb961c68740565a1efcaa5e43bd35802/specification/apimanagement/resource-manager/Microsoft.ApiManagement/stable/2022-08-01/examples/ApiManagementCreateCertificateWithKeyVault.json
func ExampleCertificateClient_CreateOrUpdate_apiManagementCreateCertificateWithKeyVault() {
cred, err := azidentity.NewDefaultAzureCredential(nil)
if err != nil {
log.Fatalf("failed to obtain a credential: %v", err)
}
ctx := context.Background()
clientFactory, err := armapimanagement.NewClientFactory("<subscription-id>", cred, nil)
if err != nil {
log.Fatalf("failed to create client: %v", err)
}
res, err := clientFactory.NewCertificateClient().CreateOrUpdate(ctx, "rg1", "apimService1", "templateCertkv", armapimanagement.CertificateCreateOrUpdateParameters{
Properties: &armapimanagement.CertificateCreateOrUpdateProperties{
KeyVault: &armapimanagement.KeyVaultContractCreateProperties{
IdentityClientID: to.Ptr("ceaa6b06-c00f-43ef-99ac-f53d1fe876a0"),
SecretIdentifier: to.Ptr("https://rpbvtkeyvaultintegration.vault-int.azure-int.net/secrets/msitestingCert"),
},
},
}, &armapimanagement.CertificateClientCreateOrUpdateOptions{IfMatch: nil})
if err != nil {
log.Fatalf("failed to finish the request: %v", err)
}
// You could use response here. We use blank identifier for just demo purposes.
_ = res
// If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes.
// res.CertificateContract = armapimanagement.CertificateContract{
// Name: to.Ptr("templateCertkv"),
// Type: to.Ptr("Microsoft.ApiManagement/service/certificates"),
// ID: to.Ptr("/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.ApiManagement/service/apimService1/certificates/templateCertkv"),
// Properties: &armapimanagement.CertificateContractProperties{
// ExpirationDate: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2037-01-01T07:00:00.000Z"); return t}()),
// KeyVault: &armapimanagement.KeyVaultContractProperties{
// IdentityClientID: to.Ptr("ceaa6b06-c00f-43ef-99ac-f53d1fe876a0"),
// SecretIdentifier: to.Ptr("https://rpbvtkeyvaultintegration.vault-int.azure-int.net/secrets/msitestingCert"),
// LastStatus: &armapimanagement.KeyVaultLastAccessStatusContractProperties{
// Code: to.Ptr("Success"),
// TimeStampUTC: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2020-09-22T00:24:53.319Z"); return t}()),
// },
// },
// Subject: to.Ptr("CN=*.msitesting.net"),
// Thumbprint: to.Ptr("EA**********************9AD690"),
// },
// }
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
const { ApiManagementClient } = require("@azure/arm-apimanagement");
const { DefaultAzureCredential } = require("@azure/identity");
/**
* This sample demonstrates how to Creates or updates the certificate being used for authentication with the backend.
*
* @summary Creates or updates the certificate being used for authentication with the backend.
* x-ms-original-file: specification/apimanagement/resource-manager/Microsoft.ApiManagement/stable/2022-08-01/examples/ApiManagementCreateCertificateWithKeyVault.json
*/
async function apiManagementCreateCertificateWithKeyVault() {
const subscriptionId = process.env["APIMANAGEMENT_SUBSCRIPTION_ID"] || "subid";
const resourceGroupName = process.env["APIMANAGEMENT_RESOURCE_GROUP"] || "rg1";
const serviceName = "apimService1";
const certificateId = "templateCertkv";
const parameters = {
keyVault: {
identityClientId: "ceaa6b06-c00f-43ef-99ac-f53d1fe876a0",
secretIdentifier:
"https://rpbvtkeyvaultintegration.vault-int.azure-int.net/secrets/msitestingCert",
},
};
const credential = new DefaultAzureCredential();
const client = new ApiManagementClient(credential, subscriptionId);
const result = await client.certificate.createOrUpdate(
resourceGroupName,
serviceName,
certificateId,
parameters
);
console.log(result);
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
Sample Response
{
"id": "/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.ApiManagement/service/apimService1/certificates/templateCertkv",
"type": "Microsoft.ApiManagement/service/certificates",
"name": "templateCertkv",
"properties": {
"subject": "CN=*.msitesting.net",
"thumbprint": "EA**********************9AD690",
"expirationDate": "2037-01-01T07:00:00Z",
"keyVault": {
"secretIdentifier": "https://rpbvtkeyvaultintegration.vault-int.azure-int.net/secrets/msitestingCert",
"identityClientId": "ceaa6b06-c00f-43ef-99ac-f53d1fe876a0",
"lastStatus": {
"code": "Success",
"timeStampUtc": "2020-09-22T00:24:53.3191468Z"
}
}
}
}
{
"id": "/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.ApiManagement/service/apimService1/certificates/templateCertkv",
"type": "Microsoft.ApiManagement/service/certificates",
"name": "templateCertkv",
"properties": {
"subject": "CN=*.msitesting.net",
"thumbprint": "EA**********************9AD690",
"expirationDate": "2037-01-01T07:00:00Z",
"keyVault": {
"secretIdentifier": "https://rpbvtkeyvaultintegration.vault-int.azure-int.net/secrets/msitestingCert",
"identityClientId": "ceaa6b06-c00f-43ef-99ac-f53d1fe876a0",
"lastStatus": {
"code": "Success",
"timeStampUtc": "2020-09-22T00:24:53.3191468Z"
}
}
}
}
Definições
CertificateContract
Detalhes do certificado.
Name |
Tipo |
Description |
id
|
string
|
ID de recurso completamente qualificado para o recurso. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}
|
name
|
string
|
O nome do recurso
|
properties.expirationDate
|
string
|
Data de expiração do certificado. A data está em conformidade com o seguinte formato: yyyy-MM-ddTHH:mm:ssZ conforme especificado pela norma ISO 8601.
|
properties.keyVault
|
KeyVaultContractProperties
|
Detalhes de localização do KeyVault do certificado.
|
properties.subject
|
string
|
Atributo do requerente do certificado.
|
properties.thumbprint
|
string
|
Impressão digital do certificado.
|
type
|
string
|
O tipo do recurso. Por exemplo, "Microsoft.Compute/virtualMachines" ou "Microsoft.Storage/storageAccounts"
|
CertificateCreateOrUpdateParameters
Detalhes de criação ou atualização de certificados.
Name |
Tipo |
Description |
properties.data
|
string
|
Certificado codificado base 64 com a representação application/x-pkcs12.
|
properties.keyVault
|
KeyVaultContractCreateProperties
|
Detalhes de localização do KeyVault do certificado.
|
properties.password
|
string
|
Palavra-passe do Certificado
|
ErrorFieldContract
Contrato de Campo de Erro.
Name |
Tipo |
Description |
code
|
string
|
Código de erro de nível de propriedade.
|
message
|
string
|
Representação legível por humanos do erro ao nível da propriedade.
|
target
|
string
|
Nome da propriedade.
|
ErrorResponse
Resposta do Erro.
Name |
Tipo |
Description |
error.code
|
string
|
Código de erro definido pelo serviço. Este código serve como um subestado para o código de erro HTTP especificado na resposta.
|
error.details
|
ErrorFieldContract[]
|
A lista de campos inválidos enviados no pedido, em caso de erro de validação.
|
error.message
|
string
|
Representação legível por humanos do erro.
|
KeyVaultContractCreateProperties
Crie detalhes do contrato keyVault.
Name |
Tipo |
Description |
identityClientId
|
string
|
Null para SystemAssignedIdentity ou ID de Cliente para UserAssignedIdentity , que será utilizado para aceder ao segredo do cofre de chaves.
|
secretIdentifier
|
string
|
Identificador do segredo do cofre de chaves para obter o segredo. Fornecer um segredo com versões impedirá a atualização automática. Isto requer que Gestão de API serviço seja configurado com aka.ms/apimmsi
|
KeyVaultContractProperties
Detalhes do contrato do KeyVault.
Name |
Tipo |
Description |
identityClientId
|
string
|
Null para SystemAssignedIdentity ou ID de Cliente para UserAssignedIdentity , que será utilizado para aceder ao segredo do cofre de chaves.
|
lastStatus
|
KeyVaultLastAccessStatusContractProperties
|
Da última vez, sincronize e atualize o estado do segredo do cofre de chaves.
|
secretIdentifier
|
string
|
Identificador do segredo do cofre de chaves para obter o segredo. Fornecer um segredo com versões impedirá a atualização automática. Isto requer que Gestão de API serviço seja configurado com aka.ms/apimmsi
|
KeyVaultLastAccessStatusContractProperties
Emitir Propriedades de Atualização do contrato.
Name |
Tipo |
Description |
code
|
string
|
Último código de estado para sincronização e atualização do segredo do cofre de chaves.
|
message
|
string
|
Os detalhes do erro estão vazios.
|
timeStampUtc
|
string
|
A última vez que o segredo foi acedido. A data está em conformidade com o seguinte formato: yyyy-MM-ddTHH:mm:ssZ conforme especificado pela norma ISO 8601.
|