你当前正在访问 Microsoft Azure Global Edition 技术文档网站。 如果需要访问由世纪互联运营的 Microsoft Azure 中国技术文档网站，请访问 https://docs.azure.cn。

Certificate - List By Service

Service:

API Management

API Version:

2022-08-01

列出指定服务实例中所有证书的集合。

GET https://management.azure.com/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ApiManagement/service/{serviceName}/certificates?api-version=2022-08-01

With optional parameters:

GET https://management.azure.com/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ApiManagement/service/{serviceName}/certificates?$filter={$filter}&$top={$top}&$skip={$skip}&isKeyVaultRefreshFailed={isKeyVaultRefreshFailed}&api-version=2022-08-01

URI 参数

名称	在	必需	类型	说明
resourceGroupName	path	True	string	资源组的名称。 此名称不区分大小写。
serviceName	path	True	string	API 管理服务的名称。 Regex pattern: ^[a-zA-Z](?:[a-zA-Z0-9-]*[a-zA-Z0-9])?$
subscriptionId	path	True	string	目标订阅的 ID。
api-version	query	True	string	要用于此操作的 API 版本。
$filter	query		string	|字段 |用法 |支持的运算符 |支持的函数 | |-------------|-------------|-------------|-------------| |name |filter |ge、le、eq、ne、gt、lt |substringof、contains、startswith、endswith | |subject |filter |ge、le、eq、ne、gt、lt |substringof、contains、startswith、endswith | |指纹 |filter |ge、le、eq、ne、gt、lt |substringof、contains、startswith、endswith | |expirationDate |filter |ge、le、eq、ne、gt、lt | |
$skip	query		integer int32	要跳过的记录数。
$top	query		integer int32	要返回的记录数。
isKeyVaultRefreshFailed	query		boolean	设置为 true 时，响应仅包含刷新失败的证书实体。

响应

名称	类型	说明
200 OK	CertificateCollection	返回 Certificate 实体的集合。
Other Status Codes	ErrorResponse	描述操作失败原因的错误响应。

安全性

azure_auth

Azure Active Directory OAuth2 流。

Type: oauth2
Flow: implicit
Authorization URL: https://login.microsoftonline.com/common/oauth2/authorize

Scopes

名称	说明
user_impersonation	模拟用户帐户

示例

ApiManagementListCertificates

Sample Request

HTTP

GET https://management.azure.com/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.ApiManagement/service/apimService1/certificates?api-version=2022-08-01

Java

/** Samples for Certificate ListByService. */
public final class Main {
    /*
     * x-ms-original-file: specification/apimanagement/resource-manager/Microsoft.ApiManagement/stable/2022-08-01/examples/ApiManagementListCertificates.json
     */
    /**
     * Sample code: ApiManagementListCertificates.
     *
     * @param manager Entry point to ApiManagementManager.
     */
    public static void apiManagementListCertificates(
        com.azure.resourcemanager.apimanagement.ApiManagementManager manager) {
        manager
            .certificates()
            .listByService("rg1", "apimService1", null, null, null, null, com.azure.core.util.Context.NONE);
    }
}

To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue

Python

from azure.identity import DefaultAzureCredential

from azure.mgmt.apimanagement import ApiManagementClient

"""
# PREREQUISITES
    pip install azure-identity
    pip install azure-mgmt-apimanagement
# USAGE
    python api_management_list_certificates.py

    Before run the sample, please set the values of the client ID, tenant ID and client secret
    of the AAD application as environment variables: AZURE_CLIENT_ID, AZURE_TENANT_ID,
    AZURE_CLIENT_SECRET. For more info about how to get the value, please see:
    https://docs.microsoft.com/azure/active-directory/develop/howto-create-service-principal-portal
"""


def main():
    client = ApiManagementClient(
        credential=DefaultAzureCredential(),
        subscription_id="subid",
    )

    response = client.certificate.list_by_service(
        resource_group_name="rg1",
        service_name="apimService1",
    )
    for item in response:
        print(item)


# x-ms-original-file: specification/apimanagement/resource-manager/Microsoft.ApiManagement/stable/2022-08-01/examples/ApiManagementListCertificates.json
if __name__ == "__main__":
    main()

To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue

Go

package armapimanagement_test

import (
	"context"
	"log"

	"github.com/Azure/azure-sdk-for-go/sdk/azidentity"
	"github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/apimanagement/armapimanagement/v2"
)

// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/4cd95123fb961c68740565a1efcaa5e43bd35802/specification/apimanagement/resource-manager/Microsoft.ApiManagement/stable/2022-08-01/examples/ApiManagementListCertificates.json
func ExampleCertificateClient_NewListByServicePager() {
	cred, err := azidentity.NewDefaultAzureCredential(nil)
	if err != nil {
		log.Fatalf("failed to obtain a credential: %v", err)
	}
	ctx := context.Background()
	clientFactory, err := armapimanagement.NewClientFactory("<subscription-id>", cred, nil)
	if err != nil {
		log.Fatalf("failed to create client: %v", err)
	}
	pager := clientFactory.NewCertificateClient().NewListByServicePager("rg1", "apimService1", &armapimanagement.CertificateClientListByServiceOptions{Filter: nil,
		Top:                     nil,
		Skip:                    nil,
		IsKeyVaultRefreshFailed: nil,
	})
	for pager.More() {
		page, err := pager.NextPage(ctx)
		if err != nil {
			log.Fatalf("failed to advance page: %v", err)
		}
		for _, v := range page.Value {
			// You could use page here. We use blank identifier for just demo purposes.
			_ = v
		}
		// If the HTTP response code is 200 as defined in example definition, your page structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes.
		// page.CertificateCollection = armapimanagement.CertificateCollection{
		// 	Count: to.Ptr[int64](2),
		// 	Value: []*armapimanagement.CertificateContract{
		// 		{
		// 			Name: to.Ptr("templateCert1"),
		// 			Type: to.Ptr("Microsoft.ApiManagement/service/certificates"),
		// 			ID: to.Ptr("/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.ApiManagement/service/apimService1/certificates/kjoshiarmtemplateCert1"),
		// 			Properties: &armapimanagement.CertificateContractProperties{
		// 				ExpirationDate: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2017-04-23T17:03:41.000Z"); return t}()),
		// 				Subject: to.Ptr("CN=mutual-authcert"),
		// 				Thumbprint: to.Ptr("EBA************************48594A6"),
		// 			},
		// 		},
		// 		{
		// 			Name: to.Ptr("templateCertkv"),
		// 			Type: to.Ptr("Microsoft.ApiManagement/service/certificates"),
		// 			ID: to.Ptr("/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.ApiManagement/service/apimService1/certificates/templateCertkv"),
		// 			Properties: &armapimanagement.CertificateContractProperties{
		// 				ExpirationDate: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2037-01-01T07:00:00.000Z"); return t}()),
		// 				KeyVault: &armapimanagement.KeyVaultContractProperties{
		// 					IdentityClientID: to.Ptr("ceaa6b06-c00f-43ef-99ac-f53d1fe876a0"),
		// 					SecretIdentifier: to.Ptr("https://rpbvtkeyvaultintegration.vault-int.azure-int.net/secrets/msitestingCert"),
		// 					LastStatus: &armapimanagement.KeyVaultLastAccessStatusContractProperties{
		// 						Code: to.Ptr("Success"),
		// 						TimeStampUTC: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2020-09-22T00:24:53.319Z"); return t}()),
		// 					},
		// 				},
		// 				Subject: to.Ptr("CN=*.msitesting.net"),
		// 				Thumbprint: to.Ptr("EA**********************9AD690"),
		// 			},
		// 	}},
		// }
	}
}

To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue

JavaScript

const { ApiManagementClient } = require("@azure/arm-apimanagement");
const { DefaultAzureCredential } = require("@azure/identity");

/**
 * This sample demonstrates how to Lists a collection of all certificates in the specified service instance.
 *
 * @summary Lists a collection of all certificates in the specified service instance.
 * x-ms-original-file: specification/apimanagement/resource-manager/Microsoft.ApiManagement/stable/2022-08-01/examples/ApiManagementListCertificates.json
 */
async function apiManagementListCertificates() {
  const subscriptionId = process.env["APIMANAGEMENT_SUBSCRIPTION_ID"] || "subid";
  const resourceGroupName = process.env["APIMANAGEMENT_RESOURCE_GROUP"] || "rg1";
  const serviceName = "apimService1";
  const credential = new DefaultAzureCredential();
  const client = new ApiManagementClient(credential, subscriptionId);
  const resArray = new Array();
  for await (let item of client.certificate.listByService(resourceGroupName, serviceName)) {
    resArray.push(item);
  }
  console.log(resArray);
}

To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue

Sample Response

Status code:

200

{
  "value": [
    {
      "id": "/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.ApiManagement/service/apimService1/certificates/kjoshiarmtemplateCert1",
      "type": "Microsoft.ApiManagement/service/certificates",
      "name": "templateCert1",
      "properties": {
        "subject": "CN=mutual-authcert",
        "thumbprint": "EBA************************48594A6",
        "expirationDate": "2017-04-23T17:03:41Z"
      }
    },
    {
      "id": "/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.ApiManagement/service/apimService1/certificates/templateCertkv",
      "type": "Microsoft.ApiManagement/service/certificates",
      "name": "templateCertkv",
      "properties": {
        "subject": "CN=*.msitesting.net",
        "thumbprint": "EA**********************9AD690",
        "expirationDate": "2037-01-01T07:00:00Z",
        "keyVault": {
          "secretIdentifier": "https://rpbvtkeyvaultintegration.vault-int.azure-int.net/secrets/msitestingCert",
          "identityClientId": "ceaa6b06-c00f-43ef-99ac-f53d1fe876a0",
          "lastStatus": {
            "code": "Success",
            "timeStampUtc": "2020-09-22T00:24:53.3191468Z"
          }
        }
      }
    }
  ],
  "count": 2,
  "nextLink": ""
}

定义

名称	说明
CertificateCollection	分页证书列表表示形式。
CertificateContract	证书详细信息。
ErrorFieldContract	错误字段协定。
ErrorResponse	错误响应。
KeyVaultContractProperties	KeyVault 合同详细信息。
KeyVaultLastAccessStatusContractProperties	发出协定更新属性。

CertificateCollection

分页证书列表表示形式。

名称	类型	说明
count	integer	所有页面的总记录计数数。
nextLink	string	下一页链接（如果有）。
value	CertificateContract[]	页面值。

CertificateContract

证书详细信息。

名称	类型	说明
id	string	资源的完全限定的资源 ID。 例如 - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}
name	string	资源的名称
properties.expirationDate	string	证书的到期日期。 日期符合以下格式： yyyy-MM-ddTHH:mm:ssZ 由 ISO 8601 标准指定。
properties.keyVault	KeyVaultContractProperties	证书的 KeyVault 位置详细信息。
properties.subject	string	证书的主题属性。
properties.thumbprint	string	证书的指纹。
type	string	资源类型。 例如“Microsoft.Compute/virtualMachines”或“Microsoft.Storage/storageAccounts”

ErrorFieldContract

错误字段协定。

名称	类型	说明
code	string	属性级错误代码。
message	string	属性级错误的可读表示形式。
target	string	属性名称。

ErrorResponse

错误响应。

名称	类型	说明
error.code	string	服务定义的错误代码。 此代码用作响应中指定的 HTTP 错误代码的子状态。
error.details	ErrorFieldContract[]	在发生验证错误时，请求中发送的无效字段列表。
error.message	string	错误的用户可读表示形式。

KeyVaultContractProperties

KeyVault 合同详细信息。

名称	类型	说明
identityClientId	string	对于 SystemAssignedIdentity，或 UserAssignedIdentity 的客户端 ID 为 Null，这将用于访问密钥保管库机密。
lastStatus	KeyVaultLastAccessStatusContractProperties	上次从密钥保管库同步和刷新机密的状态。
secretIdentifier	string	用于提取机密的密钥保管库机密标识符。 提供版本控制机密将阻止自动刷新。 这要求API 管理服务配置 aka.ms/apimmsi

KeyVaultLastAccessStatusContractProperties

发出协定更新属性。

名称	类型	说明
code	string	用于从密钥保管库同步和刷新机密的最后状态代码。
message	string	错误的详细信息，否则为空。
timeStampUtc	string	上次访问机密的时间。 日期符合以下格式： yyyy-MM-ddTHH:mm:ssZ 由 ISO 8601 标准指定。