你当前正在访问 Microsoft Azure Global Edition 技术文档网站。如果需要访问由世纪互联运营的 Microsoft Azure 中国技术文档网站，请访问 https://docs.azure.cn。

CertificateClient class

包:: @azure/keyvault-certificates

要与 KeyVault 证书功能交互的客户端

构造函数

CertificateClient(string, TokenCredential, CertificateClientOptions)

创建 CertificateClient 的实例。

属性

vaultUrl

保管库的基 URL

方法

backupCertificate(string, OperationOptions)	请求将指定证书的备份下载到客户端。将下载证书的所有版本。此作需要证书/备份权限。示例用法： import { DefaultAzureCredential } from "@azure/identity"; import { CertificateClient } from "@azure/keyvault-certificates"; const credential = new DefaultAzureCredential(); const vaultName = "<YOUR KEYVAULT NAME>"; const url = `https://${vaultName}.vault.azure.net`; const client = new CertificateClient(url, credential); await client.beginCreateCertificate("MyCertificate", { issuerName: "Self", subject: "cn=MyCert", }); const backup = await client.backupCertificate("MyCertificate"); 生成证书的备份
beginCreateCertificate(string, CertificatePolicy, BeginCreateCertificateOptions)	创建新的证书。如果这是第一个版本，则会创建证书资源。此函数返回一个长时间运行的作轮询程序，该轮询程序允许无限期等待证书完全恢复。注意：发送 `Self` 作为证书策略 `issuerName` 将创建自签名证书。此作需要证书/创建权限。示例用法： import { DefaultAzureCredential } from "@azure/identity"; import { CertificateClient } from "@azure/keyvault-certificates"; const credential = new DefaultAzureCredential(); const vaultName = "<YOUR KEYVAULT NAME>"; const url = `https://${vaultName}.vault.azure.net`; const client = new CertificateClient(url, credential); const certificateName = "MyCertificateName"; const certificatePolicy = { issuerName: "Self", subject: "cn=MyCert", }; const poller = await client.beginCreateCertificate(certificateName, certificatePolicy); // You can use the pending certificate immediately: const pendingCertificate = poller.getResult(); // Or you can wait until the certificate finishes being signed: const keyVaultCertificate = await poller.pollUntilDone(); console.log(keyVaultCertificate); 创建证书
beginDeleteCertificate(string, CertificatePollerOptions)	DELETE作适用于 Azure Key Vault 中存储的任何证书。 DELETE 不能应用于单个版本的证书。此函数返回一个长时间运行的作轮询程序，该轮询程序允许无限期等待证书完全恢复。此作需要证书/删除权限。示例用法： import { DefaultAzureCredential } from "@azure/identity"; import { CertificateClient } from "@azure/keyvault-certificates"; const credential = new DefaultAzureCredential(); const vaultName = "<YOUR KEYVAULT NAME>"; const keyVaultUrl = `https://${vaultName}.vault.azure.net`; const client = new CertificateClient(keyVaultUrl, credential); const certificateName = "MyCertificate"; const poller = await client.beginDeleteCertificate(certificateName); // You can use the deleted certificate immediately: const deletedCertificate = poller.getResult(); // The certificate is being deleted. Only wait for it if you want to restore it or purge it. await poller.pollUntilDone(); // You can also get the deleted certificate this way: await client.getDeletedCertificate(certificateName); // Deleted certificates can also be recovered or purged. // recoverDeletedCertificate returns a poller, just like beginDeleteCertificate. // const recoverPoller = await client.beginRecoverDeletedCertificate(certificateName); // await recoverPoller.pollUntilDone(); // If a certificate is done and the Key Vault has soft-delete enabled, the certificate can be purged with: await client.purgeDeletedCertificate(certificateName); 从指定的密钥保管库中删除证书。
beginRecoverDeletedCertificate(string, CertificatePollerOptions)	恢复指定保管库中已删除的证书。此作只能在启用软删除的保管库上执行。此作此函数返回一个长时间运行的作轮询程序，该轮询程序允许无限期等待证书完全恢复。此作需要证书/恢复权限。示例用法： import { DefaultAzureCredential } from "@azure/identity"; import { CertificateClient } from "@azure/keyvault-certificates"; const credential = new DefaultAzureCredential(); const vaultName = "<YOUR KEYVAULT NAME>"; const url = `https://${vaultName}.vault.azure.net`; const client = new CertificateClient(url, credential); const deletePoller = await client.beginDeleteCertificate("MyCertificate"); await deletePoller.pollUntilDone(); const recoverPoller = await client.beginRecoverDeletedCertificate("MyCertificate"); // Waiting until it's done const certificate = await recoverPoller.pollUntilDone(); console.log(certificate); 恢复已删除的证书
createIssuer(string, string, CreateIssuerOptions)	createIssuer作添加或更新指定的证书颁发者。此作需要证书/setissuers 权限。示例用法： import { DefaultAzureCredential } from "@azure/identity"; import { CertificateClient } from "@azure/keyvault-certificates"; const credential = new DefaultAzureCredential(); const vaultName = "<YOUR KEYVAULT NAME>"; const keyVaultUrl = `https://${vaultName}.vault.azure.net`; const client = new CertificateClient(keyVaultUrl, credential); await client.createIssuer("IssuerName", "Test"); 设置指定的证书颁发者。
deleteCertificateOperation(string, OperationOptions)	删除正在创建的指定证书的创建作。不再创建证书。此作需要证书/更新权限。示例用法： import { DefaultAzureCredential } from "@azure/identity"; import { CertificateClient } from "@azure/keyvault-certificates"; const credential = new DefaultAzureCredential(); const vaultName = "<YOUR KEYVAULT NAME>"; const url = `https://${vaultName}.vault.azure.net`; const client = new CertificateClient(url, credential); await client.beginCreateCertificate("MyCertificate", { issuerName: "Self", subject: "cn=MyCert", }); await client.deleteCertificateOperation("MyCertificate"); await client.getCertificateOperation("MyCertificate"); 删除证书的作
deleteContacts(OperationOptions)	删除所有证书联系人。此作需要证书/managecontacts 权限。示例用法： import { DefaultAzureCredential } from "@azure/identity"; import { CertificateClient } from "@azure/keyvault-certificates"; const credential = new DefaultAzureCredential(); const vaultName = "<YOUR KEYVAULT NAME>"; const keyVaultUrl = `https://${vaultName}.vault.azure.net`; const client = new CertificateClient(keyVaultUrl, credential); await client.deleteContacts(); 删除所有证书联系人
deleteIssuer(string, OperationOptions)	deleteIssuer作永久删除保管库中的指定证书颁发者。此作需要证书/manageissuers/deleteissuers 权限。示例用法： import { DefaultAzureCredential } from "@azure/identity"; import { CertificateClient } from "@azure/keyvault-certificates"; const credential = new DefaultAzureCredential(); const vaultName = "<YOUR KEYVAULT NAME>"; const keyVaultUrl = `https://${vaultName}.vault.azure.net`; const client = new CertificateClient(keyVaultUrl, credential); await client.deleteIssuer("IssuerName"); 删除指定的证书颁发者。
getCertificate(string, OperationOptions)	获取特定证书中可用的最新信息，包括证书的策略。此作需要证书/获取权限。示例用法： import { DefaultAzureCredential } from "@azure/identity"; import { CertificateClient } from "@azure/keyvault-certificates"; const credential = new DefaultAzureCredential(); const vaultName = "<YOUR KEYVAULT NAME>"; const keyVaultUrl = `https://${vaultName}.vault.azure.net`; const client = new CertificateClient(keyVaultUrl, credential); const certificateName = "MyCertificate"; const result = await client.getCertificate(certificateName); console.log(result.name); 从证书的名称检索证书（包括证书策略）
getCertificateOperation(string, CertificatePollerOptions)	获取与指定证书关联的创建作。此作需要证书/获取权限。此函数返回一个长时间运行的作轮询程序，该轮询程序允许无限期等待证书完全恢复。示例用法： import { DefaultAzureCredential } from "@azure/identity"; import { CertificateClient } from "@azure/keyvault-certificates"; const credential = new DefaultAzureCredential(); const vaultName = "<YOUR KEYVAULT NAME>"; const url = `https://${vaultName}.vault.azure.net`; const client = new CertificateClient(url, credential); const createPoller = await client.beginCreateCertificate("MyCertificate", { issuerName: "Self", subject: "cn=MyCert", }); const poller = await client.getCertificateOperation("MyCertificate"); const pendingCertificate = poller.getResult(); const certificateOperation = poller.getOperationState().certificateOperation; console.log(certificateOperation); 获取证书的轮询器作
getCertificatePolicy(string, OperationOptions)	getCertificatePolicy作返回指定密钥保管库中的指定证书策略资源。此作需要证书/获取权限。示例用法： import { DefaultAzureCredential } from "@azure/identity"; import { CertificateClient } from "@azure/keyvault-certificates"; const credential = new DefaultAzureCredential(); const vaultName = "<YOUR KEYVAULT NAME>"; const url = `https://${vaultName}.vault.azure.net`; const client = new CertificateClient(url, credential); const policy = await client.getCertificatePolicy("MyCertificate"); console.log(policy); 获取证书的策略
getCertificateVersion(string, string, OperationOptions)	获取有关特定版本上特定证书的信息。它不会返回证书的策略。此作需要证书/获取权限。示例用法： import { DefaultAzureCredential } from "@azure/identity"; import { CertificateClient } from "@azure/keyvault-certificates"; const credential = new DefaultAzureCredential(); const vaultName = "<YOUR KEYVAULT NAME>"; const url = `https://${vaultName}.vault.azure.net`; const client = new CertificateClient(url, credential); const certificateName = "MyCertificateName"; const latestCertificate = await client.getCertificate(certificateName); console.log(`Latest version of the certificate ${certificateName}: `, latestCertificate); const specificCertificate = await client.getCertificateVersion( certificateName, latestCertificate.properties.version, ); console.log( `The certificate ${certificateName} at the version ${latestCertificate.properties.version}: `, specificCertificate, ); 从证书的名称和指定版本检索证书
getContacts(OperationOptions)	返回指定密钥保管库中的证书联系人资源集。此作需要证书/managecontacts 权限。示例用法： import { DefaultAzureCredential } from "@azure/identity"; import { CertificateClient } from "@azure/keyvault-certificates"; const credential = new DefaultAzureCredential(); const vaultName = "<YOUR KEYVAULT NAME>"; const keyVaultUrl = `https://${vaultName}.vault.azure.net`; const client = new CertificateClient(keyVaultUrl, credential); const contacts = await client.getContacts(); for (const contact of contacts) { console.log(contact); } 设置证书联系人。
getDeletedCertificate(string, OperationOptions)	检索已删除的证书信息及其属性，例如保留间隔、计划的永久删除和当前删除恢复级别。此作需要证书/获取权限。示例用法： import { DefaultAzureCredential } from "@azure/identity"; import { CertificateClient } from "@azure/keyvault-certificates"; const credential = new DefaultAzureCredential(); const vaultName = "<YOUR KEYVAULT NAME>"; const url = `https://${vaultName}.vault.azure.net`; const client = new CertificateClient(url, credential); const deletedCertificate = await client.getDeletedCertificate("MyDeletedCertificate"); console.log("Deleted certificate:", deletedCertificate); 获取已删除的证书
getIssuer(string, OperationOptions)	getIssuer作返回指定密钥保管库中的指定证书颁发者资源。此作需要证书/manageissuers/getissuers 权限。示例用法： import { DefaultAzureCredential } from "@azure/identity"; import { CertificateClient } from "@azure/keyvault-certificates"; const credential = new DefaultAzureCredential(); const vaultName = "<YOUR KEYVAULT NAME>"; const keyVaultUrl = `https://${vaultName}.vault.azure.net`; const client = new CertificateClient(keyVaultUrl, credential); const certificateIssuer = await client.getIssuer("IssuerName"); console.log(certificateIssuer); 获取指定的证书颁发者。
importCertificate(string, Uint8Array, ImportCertificateOptions)	将包含私钥的现有有效证书导入 Azure Key Vault。要导入的证书可以采用 PFX 或 PEM 格式。如果证书采用 PEM 格式，PEM 文件必须包含密钥和 x509 证书。此作需要证书/导入权限。示例用法： import { DefaultAzureCredential } from "@azure/identity"; import { CertificateClient } from "@azure/keyvault-certificates"; import { SecretClient } from "@azure/keyvault-secrets"; import { isNodeLike } from "@azure/core-util"; const credential = new DefaultAzureCredential(); const vaultName = "<YOUR KEYVAULT NAME>"; const url = `https://${vaultName}.vault.azure.net`; const client = new CertificateClient(url, credential); const secretClient = new SecretClient(url, credential); const certificateSecret = await secretClient.getSecret("MyCertificate"); const base64EncodedCertificate = certificateSecret.value!; const buffer = isNodeLike ? Buffer.from(base64EncodedCertificate, "base64") : Uint8Array.from(atob(base64EncodedCertificate), (c) => c.charCodeAt(0)); await client.importCertificate("MyCertificate", buffer); 从证书的机密值导入证书
listDeletedCertificates(ListDeletedCertificatesOptions)	检索当前保管库中的证书，这些证书处于已删除状态并已准备好恢复或清除。此作包括特定于删除的信息。此作需要证书/获取/列表权限。只能在启用软删除的保管库上启用此作。示例用法： import { DefaultAzureCredential } from "@azure/identity"; import { CertificateClient } from "@azure/keyvault-certificates"; const credential = new DefaultAzureCredential(); const vaultName = "<YOUR KEYVAULT NAME>"; const url = `https://${vaultName}.vault.azure.net`; const client = new CertificateClient(url, credential); for await (const deletedCertificate of client.listDeletedCertificates()) { console.log(deletedCertificate); } for await (const page of client.listDeletedCertificates().byPage()) { for (const deletedCertificate of page) { console.log(deletedCertificate); } } 列出已删除的证书
listPropertiesOfCertificates(ListPropertiesOfCertificatesOptions)	循环访问保管库中所有证书的最新版本。响应中提供了完整的证书标识符和属性。证书不返回任何值。此作需要证书/列表权限。示例用法： import { DefaultAzureCredential } from "@azure/identity"; import { CertificateClient } from "@azure/keyvault-certificates"; const credential = new DefaultAzureCredential(); const vaultName = "<YOUR KEYVAULT NAME>"; const keyVaultUrl = `https://${vaultName}.vault.azure.net`; const client = new CertificateClient(keyVaultUrl, credential); // All in one call for await (const certificateProperties of client.listPropertiesOfCertificates()) { console.log(certificateProperties); } // By pages for await (const page of client.listPropertiesOfCertificates().byPage()) { for (const certificateProperties of page) { console.log(certificateProperties); } } 列出指定证书的所有版本。
listPropertiesOfCertificateVersions(string, OperationOptions)	返回指定密钥保管库中证书的版本。此作需要证书/列表权限。示例用法： import { DefaultAzureCredential } from "@azure/identity"; import { CertificateClient } from "@azure/keyvault-certificates"; const credential = new DefaultAzureCredential(); const vaultName = "<YOUR KEYVAULT NAME>"; const keyVaultUrl = `https://${vaultName}.vault.azure.net`; const client = new CertificateClient(keyVaultUrl, credential); for await (const certificateProperties of client.listPropertiesOfCertificateVersions( "MyCertificate", )) { console.log(certificateProperties.version!); } 列出证书的版本。
listPropertiesOfIssuers(OperationOptions)	返回指定密钥保管库中的证书颁发者资源集。此作需要证书/manageissuers/getissuers 权限。示例用法： import { DefaultAzureCredential } from "@azure/identity"; import { CertificateClient } from "@azure/keyvault-certificates"; const credential = new DefaultAzureCredential(); const vaultName = "<YOUR KEYVAULT NAME>"; const keyVaultUrl = `https://${vaultName}.vault.azure.net`; const client = new CertificateClient(keyVaultUrl, credential); await client.createIssuer("IssuerName", "Test"); // All in one call for await (const issuerProperties of client.listPropertiesOfIssuers()) { console.log(issuerProperties); } // By pages for await (const page of client.listPropertiesOfIssuers().byPage()) { for (const issuerProperties of page) { console.log(issuerProperties); } } 列出证书颁发者。
mergeCertificate(string, Uint8Array[], OperationOptions)	使用服务中当前可用的密钥对执行证书或证书链的合并。此作需要证书/创建权限。示例用法： import { DefaultAzureCredential } from "@azure/identity"; import { CertificateClient } from "@azure/keyvault-certificates"; import { writeFileSync, readFileSync } from "node:fs"; import { execSync } from "node:child_process"; const credential = new DefaultAzureCredential(); const vaultName = "<YOUR KEYVAULT NAME>"; const url = `https://${vaultName}.vault.azure.net`; const client = new CertificateClient(url, credential); await client.beginCreateCertificate("MyCertificate", { issuerName: "Unknown", subject: "cn=MyCert", }); const poller = await client.getCertificateOperation("MyCertificate"); const { csr } = poller.getOperationState().certificateOperation!; const base64Csr = Buffer.from(csr!).toString("base64"); const wrappedCsr = [ "-----BEGIN CERTIFICATE REQUEST-----", base64Csr, "-----END CERTIFICATE REQUEST-----", ].join("\n"); writeFileSync("test.csr", wrappedCsr); // Certificate available locally made using: // openssl genrsa -out ca.key 2048 // openssl req -new -x509 -key ca.key -out ca.crt // You can read more about how to create a fake certificate authority here: https://gist.github.com/Soarez/9688998 execSync("openssl x509 -req -in test.csr -CA ca.crt -CAkey ca.key -CAcreateserial -out test.crt"); const base64Crt = readFileSync("test.crt").toString().split("\n").slice(1, -1).join(""); await client.mergeCertificate("MyCertificate", [Buffer.from(base64Crt)]); 将签名的证书请求合并到挂起的证书中
purgeDeletedCertificate(string, OperationOptions)	执行指定证书的不可逆删除作，且无法进行恢复。如果恢复级别未指定“可清除”，则此作不可用。此作需要证书/清除权限。示例用法： import { DefaultAzureCredential } from "@azure/identity"; import { CertificateClient } from "@azure/keyvault-certificates"; const credential = new DefaultAzureCredential(); const vaultName = "<YOUR KEYVAULT NAME>"; const url = `https://${vaultName}.vault.azure.net`; const client = new CertificateClient(url, credential); const deletePoller = await client.beginDeleteCertificate("MyCertificate"); await deletePoller.pollUntilDone(); // Deleting a certificate takes time, make sure to wait before purging it client.purgeDeletedCertificate("MyCertificate"); 获取已删除的证书
restoreCertificateBackup(Uint8Array, OperationOptions)	将备份的证书及其所有版本还原到保管库。此作需要证书/还原权限。示例用法： import { DefaultAzureCredential } from "@azure/identity"; import { CertificateClient } from "@azure/keyvault-certificates"; const credential = new DefaultAzureCredential(); const vaultName = "<YOUR KEYVAULT NAME>"; const url = `https://${vaultName}.vault.azure.net`; const client = new CertificateClient(url, credential); await client.beginCreateCertificate("MyCertificate", { issuerName: "Self", subject: "cn=MyCert", }); const backup = await client.backupCertificate("MyCertificate"); const poller = await client.beginDeleteCertificate("MyCertificate"); await poller.pollUntilDone(); // Some time is required before we're able to restore the certificate await client.restoreCertificateBackup(backup!); 从备份还原证书
setContacts(CertificateContact[], OperationOptions)	设置密钥保管库的证书联系人。此作需要证书/managecontacts 权限。示例用法： import { DefaultAzureCredential } from "@azure/identity"; import { CertificateClient } from "@azure/keyvault-certificates"; const credential = new DefaultAzureCredential(); const vaultName = "<YOUR KEYVAULT NAME>"; const keyVaultUrl = `https://${vaultName}.vault.azure.net`; const client = new CertificateClient(keyVaultUrl, credential); await client.setContacts([ { email: "b@b.com", name: "b", phone: "222222222222", }, ]); 设置证书联系人。
updateCertificatePolicy(string, CertificatePolicy, OperationOptions)	更新指定证书的证书策略。此作需要证书/更新权限。获取证书的策略
updateCertificateProperties(string, string, UpdateCertificatePropertiesOptions)	对给定证书应用指定的更新;更新的唯一元素是证书的属性。此作需要证书/更新权限。示例用法： import { DefaultAzureCredential } from "@azure/identity"; import { CertificateClient } from "@azure/keyvault-certificates"; const credential = new DefaultAzureCredential(); const vaultName = "<YOUR KEYVAULT NAME>"; const url = `https://${vaultName}.vault.azure.net`; const client = new CertificateClient(url, credential); // You may pass an empty string for version which will update // the latest version of the certificate await client.updateCertificateProperties("MyCertificate", "", { tags: { customTag: "value", }, }); 更新证书
updateIssuer(string, UpdateIssuerOptions)	updateIssuer作对指定的证书颁发者实体执行更新。此作需要证书/setissuers 权限。示例用法： import { DefaultAzureCredential } from "@azure/identity"; import { CertificateClient } from "@azure/keyvault-certificates"; const credential = new DefaultAzureCredential(); const vaultName = "<YOUR KEYVAULT NAME>"; const keyVaultUrl = `https://${vaultName}.vault.azure.net`; const client = new CertificateClient(keyVaultUrl, credential); await client.updateIssuer("IssuerName", { provider: "Provider2", }); 更新指定的证书颁发者。

构造函数详细信息

CertificateClient(string, TokenCredential, CertificateClientOptions)

创建 CertificateClient 的实例。

new CertificateClient(vaultUrl: string, credential: TokenCredential, clientOptions?: CertificateClientOptions)

参数

vaultUrl: string

保管库的基 URL。应验证此 URL 是否引用有效的 Key Vault 资源。有关详细信息，请参阅 https://aka.ms/azsdk/blog/vault-uri。

credential: TokenCredential

实现用于对服务的请求进行身份验证的 TokenCredential 接口的对象。使用 @azure/identity 包创建符合需求的凭据。

clientOptions: CertificateClientOptions

用于配置 Key Vault API 请求的管道选项。省略此参数以使用默认管道配置。

属性详细信息

vaultUrl

保管库的基 URL

vaultUrl: string

属性值

string

方法详细信息

backupCertificate(string, OperationOptions)

请求将指定证书的备份下载到客户端。将下载证书的所有版本。此作需要证书/备份权限。

示例用法：

import { DefaultAzureCredential } from "@azure/identity";
import { CertificateClient } from "@azure/keyvault-certificates";

const credential = new DefaultAzureCredential();

const vaultName = "<YOUR KEYVAULT NAME>";
const url = `https://${vaultName}.vault.azure.net`;

const client = new CertificateClient(url, credential);

await client.beginCreateCertificate("MyCertificate", {
  issuerName: "Self",
  subject: "cn=MyCert",
});
const backup = await client.backupCertificate("MyCertificate");

生成证书的备份

function backupCertificate(certificateName: string, options?: OperationOptions): Promise<undefined | Uint8Array>

参数

certificateName: string

证书的名称

options: OperationOptions

可选参数

Promise<undefined | Uint8Array>

beginCreateCertificate(string, CertificatePolicy, BeginCreateCertificateOptions)

创建新的证书。如果这是第一个版本，则会创建证书资源。此函数返回一个长时间运行的作轮询程序，该轮询程序允许无限期等待证书完全恢复。

注意： 发送 Self 作为证书策略 issuerName 将创建自签名证书。

此作需要证书/创建权限。

示例用法：

import { DefaultAzureCredential } from "@azure/identity";
import { CertificateClient } from "@azure/keyvault-certificates";

const credential = new DefaultAzureCredential();

const vaultName = "<YOUR KEYVAULT NAME>";
const url = `https://${vaultName}.vault.azure.net`;

const client = new CertificateClient(url, credential);

const certificateName = "MyCertificateName";
const certificatePolicy = {
  issuerName: "Self",
  subject: "cn=MyCert",
};

const poller = await client.beginCreateCertificate(certificateName, certificatePolicy);

// You can use the pending certificate immediately:
const pendingCertificate = poller.getResult();

// Or you can wait until the certificate finishes being signed:
const keyVaultCertificate = await poller.pollUntilDone();
console.log(keyVaultCertificate);

创建证书

function beginCreateCertificate(certificateName: string, policy: CertificatePolicy, options?: BeginCreateCertificateOptions): Promise<PollerLikeWithCancellation<CreateCertificateState, KeyVaultCertificateWithPolicy>>

参数

certificateName: string

证书的名称

policy: CertificatePolicy

options: BeginCreateCertificateOptions

可选参数

Promise<PollerLikeWithCancellation<CreateCertificateState, KeyVaultCertificateWithPolicy>>

beginDeleteCertificate(string, CertificatePollerOptions)

DELETE作适用于 Azure Key Vault 中存储的任何证书。 DELETE 不能应用于单个版本的证书。此函数返回一个长时间运行的作轮询程序，该轮询程序允许无限期等待证书完全恢复。

此作需要证书/删除权限。

示例用法：

import { DefaultAzureCredential } from "@azure/identity";
import { CertificateClient } from "@azure/keyvault-certificates";

const credential = new DefaultAzureCredential();

const vaultName = "<YOUR KEYVAULT NAME>";
const keyVaultUrl = `https://${vaultName}.vault.azure.net`;

const client = new CertificateClient(keyVaultUrl, credential);

const certificateName = "MyCertificate";

const poller = await client.beginDeleteCertificate(certificateName);

// You can use the deleted certificate immediately:
const deletedCertificate = poller.getResult();

// The certificate is being deleted. Only wait for it if you want to restore it or purge it.
await poller.pollUntilDone();

// You can also get the deleted certificate this way:
await client.getDeletedCertificate(certificateName);

// Deleted certificates can also be recovered or purged.

// recoverDeletedCertificate returns a poller, just like beginDeleteCertificate.
// const recoverPoller = await client.beginRecoverDeletedCertificate(certificateName);
// await recoverPoller.pollUntilDone();

// If a certificate is done and the Key Vault has soft-delete enabled, the certificate can be purged with:
await client.purgeDeletedCertificate(certificateName);

从指定的密钥保管库中删除证书。

function beginDeleteCertificate(certificateName: string, options?: CertificatePollerOptions): Promise<PollerLike<DeleteCertificateState, DeletedCertificate>>

参数

certificateName: string

证书的名称。

options: CertificatePollerOptions

可选参数

Promise<PollerLike<DeleteCertificateState, DeletedCertificate>>

beginRecoverDeletedCertificate(string, CertificatePollerOptions)

恢复指定保管库中已删除的证书。此作只能在启用软删除的保管库上执行。此作此函数返回一个长时间运行的作轮询程序，该轮询程序允许无限期等待证书完全恢复。

此作需要证书/恢复权限。

示例用法：

import { DefaultAzureCredential } from "@azure/identity";
import { CertificateClient } from "@azure/keyvault-certificates";

const credential = new DefaultAzureCredential();

const vaultName = "<YOUR KEYVAULT NAME>";
const url = `https://${vaultName}.vault.azure.net`;

const client = new CertificateClient(url, credential);

const deletePoller = await client.beginDeleteCertificate("MyCertificate");
await deletePoller.pollUntilDone();

const recoverPoller = await client.beginRecoverDeletedCertificate("MyCertificate");

// Waiting until it's done
const certificate = await recoverPoller.pollUntilDone();
console.log(certificate);

恢复已删除的证书

function beginRecoverDeletedCertificate(certificateName: string, options?: CertificatePollerOptions): Promise<PollerLike<RecoverDeletedCertificateState, KeyVaultCertificateWithPolicy>>

参数

certificateName: string

已删除证书的名称

options: CertificatePollerOptions

可选参数

Promise<PollerLike<RecoverDeletedCertificateState, KeyVaultCertificateWithPolicy>>

createIssuer(string, string, CreateIssuerOptions)

createIssuer作添加或更新指定的证书颁发者。此作需要证书/setissuers 权限。

示例用法：

import { DefaultAzureCredential } from "@azure/identity";
import { CertificateClient } from "@azure/keyvault-certificates";

const credential = new DefaultAzureCredential();

const vaultName = "<YOUR KEYVAULT NAME>";
const keyVaultUrl = `https://${vaultName}.vault.azure.net`;

const client = new CertificateClient(keyVaultUrl, credential);

await client.createIssuer("IssuerName", "Test");

设置指定的证书颁发者。

function createIssuer(issuerName: string, provider: string, options?: CreateIssuerOptions): Promise<CertificateIssuer>

参数

issuerName: string

颁发者的名称。

provider: string

颁发者提供程序。

options: CreateIssuerOptions

可选参数

Promise<CertificateIssuer>

deleteCertificateOperation(string, OperationOptions)

删除正在创建的指定证书的创建作。不再创建证书。此作需要证书/更新权限。

示例用法：

import { DefaultAzureCredential } from "@azure/identity";
import { CertificateClient } from "@azure/keyvault-certificates";

const credential = new DefaultAzureCredential();

const vaultName = "<YOUR KEYVAULT NAME>";
const url = `https://${vaultName}.vault.azure.net`;

const client = new CertificateClient(url, credential);

await client.beginCreateCertificate("MyCertificate", {
  issuerName: "Self",
  subject: "cn=MyCert",
});
await client.deleteCertificateOperation("MyCertificate");

await client.getCertificateOperation("MyCertificate");

删除证书的作

function deleteCertificateOperation(certificateName: string, options?: OperationOptions): Promise<CertificateOperation>

参数

certificateName: string

证书的名称

options: OperationOptions

可选参数

Promise<CertificateOperation>

deleteContacts(OperationOptions)

删除所有证书联系人。此作需要证书/managecontacts 权限。

示例用法：

import { DefaultAzureCredential } from "@azure/identity";
import { CertificateClient } from "@azure/keyvault-certificates";

const credential = new DefaultAzureCredential();

const vaultName = "<YOUR KEYVAULT NAME>";
const keyVaultUrl = `https://${vaultName}.vault.azure.net`;

const client = new CertificateClient(keyVaultUrl, credential);

await client.deleteContacts();

删除所有证书联系人

function deleteContacts(options?: OperationOptions): Promise<undefined | CertificateContact[]>

参数

options: OperationOptions

可选参数

Promise<undefined | CertificateContact[]>

deleteIssuer(string, OperationOptions)

deleteIssuer作永久删除保管库中的指定证书颁发者。此作需要证书/manageissuers/deleteissuers 权限。

示例用法：

import { DefaultAzureCredential } from "@azure/identity";
import { CertificateClient } from "@azure/keyvault-certificates";

const credential = new DefaultAzureCredential();

const vaultName = "<YOUR KEYVAULT NAME>";
const keyVaultUrl = `https://${vaultName}.vault.azure.net`;

const client = new CertificateClient(keyVaultUrl, credential);

await client.deleteIssuer("IssuerName");

删除指定的证书颁发者。

function deleteIssuer(issuerName: string, options?: OperationOptions): Promise<CertificateIssuer>

参数

issuerName: string

颁发者的名称。

options: OperationOptions

可选参数

Promise<CertificateIssuer>

getCertificate(string, OperationOptions)

获取特定证书中可用的最新信息，包括证书的策略。此作需要证书/获取权限。

示例用法：

import { DefaultAzureCredential } from "@azure/identity";
import { CertificateClient } from "@azure/keyvault-certificates";

const credential = new DefaultAzureCredential();

const vaultName = "<YOUR KEYVAULT NAME>";
const keyVaultUrl = `https://${vaultName}.vault.azure.net`;

const client = new CertificateClient(keyVaultUrl, credential);

const certificateName = "MyCertificate";

const result = await client.getCertificate(certificateName);
console.log(result.name);

从证书的名称检索证书（包括证书策略）

function getCertificate(certificateName: string, options?: OperationOptions): Promise<KeyVaultCertificateWithPolicy>

参数

certificateName: string

证书的名称

options: OperationOptions

可选参数

Promise<KeyVaultCertificateWithPolicy>

getCertificateOperation(string, CertificatePollerOptions)

获取与指定证书关联的创建作。此作需要证书/获取权限。此函数返回一个长时间运行的作轮询程序，该轮询程序允许无限期等待证书完全恢复。

示例用法：

import { DefaultAzureCredential } from "@azure/identity";
import { CertificateClient } from "@azure/keyvault-certificates";

const credential = new DefaultAzureCredential();

const vaultName = "<YOUR KEYVAULT NAME>";
const url = `https://${vaultName}.vault.azure.net`;

const client = new CertificateClient(url, credential);

const createPoller = await client.beginCreateCertificate("MyCertificate", {
  issuerName: "Self",
  subject: "cn=MyCert",
});

const poller = await client.getCertificateOperation("MyCertificate");
const pendingCertificate = poller.getResult();

const certificateOperation = poller.getOperationState().certificateOperation;
console.log(certificateOperation);

获取证书的轮询器作

function getCertificateOperation(certificateName: string, options?: CertificatePollerOptions): Promise<PollerLikeWithCancellation<CertificateOperationState, KeyVaultCertificateWithPolicy>>

参数

certificateName: string

证书的名称

options: CertificatePollerOptions

可选参数

Promise<PollerLikeWithCancellation<CertificateOperationState, KeyVaultCertificateWithPolicy>>

getCertificatePolicy(string, OperationOptions)

getCertificatePolicy作返回指定密钥保管库中的指定证书策略资源。此作需要证书/获取权限。

示例用法：

import { DefaultAzureCredential } from "@azure/identity";
import { CertificateClient } from "@azure/keyvault-certificates";

const credential = new DefaultAzureCredential();

const vaultName = "<YOUR KEYVAULT NAME>";
const url = `https://${vaultName}.vault.azure.net`;

const client = new CertificateClient(url, credential);

const policy = await client.getCertificatePolicy("MyCertificate");
console.log(policy);

获取证书的策略

function getCertificatePolicy(certificateName: string, options?: OperationOptions): Promise<CertificatePolicy>

参数

certificateName: string

证书的名称

options: OperationOptions

可选参数

Promise<CertificatePolicy>

getCertificateVersion(string, string, OperationOptions)

获取有关特定版本上特定证书的信息。它不会返回证书的策略。此作需要证书/获取权限。

示例用法：

import { DefaultAzureCredential } from "@azure/identity";
import { CertificateClient } from "@azure/keyvault-certificates";

const credential = new DefaultAzureCredential();

const vaultName = "<YOUR KEYVAULT NAME>";
const url = `https://${vaultName}.vault.azure.net`;

const client = new CertificateClient(url, credential);

const certificateName = "MyCertificateName";

const latestCertificate = await client.getCertificate(certificateName);
console.log(`Latest version of the certificate ${certificateName}: `, latestCertificate);
const specificCertificate = await client.getCertificateVersion(
  certificateName,
  latestCertificate.properties.version,
);
console.log(
  `The certificate ${certificateName} at the version ${latestCertificate.properties.version}: `,
  specificCertificate,
);

从证书的名称和指定版本检索证书

function getCertificateVersion(certificateName: string, version: string, options?: OperationOptions): Promise<KeyVaultCertificate>

参数

certificateName: string

证书的名称

version: string

证书的特定版本

options: OperationOptions

可选参数

Promise<KeyVaultCertificate>

getContacts(OperationOptions)

返回指定密钥保管库中的证书联系人资源集。此作需要证书/managecontacts 权限。

示例用法：

import { DefaultAzureCredential } from "@azure/identity";
import { CertificateClient } from "@azure/keyvault-certificates";

const credential = new DefaultAzureCredential();

const vaultName = "<YOUR KEYVAULT NAME>";
const keyVaultUrl = `https://${vaultName}.vault.azure.net`;

const client = new CertificateClient(keyVaultUrl, credential);

const contacts = await client.getContacts();
for (const contact of contacts) {
  console.log(contact);
}

设置证书联系人。

function getContacts(options?: OperationOptions): Promise<undefined | CertificateContact[]>

参数

options: OperationOptions

可选参数

Promise<undefined | CertificateContact[]>

getDeletedCertificate(string, OperationOptions)

检索已删除的证书信息及其属性，例如保留间隔、计划的永久删除和当前删除恢复级别。此作需要证书/获取权限。

示例用法：

import { DefaultAzureCredential } from "@azure/identity";
import { CertificateClient } from "@azure/keyvault-certificates";

const credential = new DefaultAzureCredential();

const vaultName = "<YOUR KEYVAULT NAME>";
const url = `https://${vaultName}.vault.azure.net`;

const client = new CertificateClient(url, credential);

const deletedCertificate = await client.getDeletedCertificate("MyDeletedCertificate");
console.log("Deleted certificate:", deletedCertificate);

获取已删除的证书

function getDeletedCertificate(certificateName: string, options?: OperationOptions): Promise<DeletedCertificate>

参数

certificateName: string

证书的名称

options: OperationOptions

可选参数

Promise<DeletedCertificate>

getIssuer(string, OperationOptions)

getIssuer作返回指定密钥保管库中的指定证书颁发者资源。此作需要证书/manageissuers/getissuers 权限。

示例用法：

import { DefaultAzureCredential } from "@azure/identity";
import { CertificateClient } from "@azure/keyvault-certificates";

const credential = new DefaultAzureCredential();

const vaultName = "<YOUR KEYVAULT NAME>";
const keyVaultUrl = `https://${vaultName}.vault.azure.net`;

const client = new CertificateClient(keyVaultUrl, credential);

const certificateIssuer = await client.getIssuer("IssuerName");
console.log(certificateIssuer);

获取指定的证书颁发者。

function getIssuer(issuerName: string, options?: OperationOptions): Promise<CertificateIssuer>

参数

issuerName: string

颁发者的名称。

options: OperationOptions

可选参数

Promise<CertificateIssuer>

importCertificate(string, Uint8Array, ImportCertificateOptions)

将包含私钥的现有有效证书导入 Azure Key Vault。要导入的证书可以采用 PFX 或 PEM 格式。如果证书采用 PEM 格式，PEM 文件必须包含密钥和 x509 证书。此作需要证书/导入权限。

示例用法：

import { DefaultAzureCredential } from "@azure/identity";
import { CertificateClient } from "@azure/keyvault-certificates";
import { SecretClient } from "@azure/keyvault-secrets";
import { isNodeLike } from "@azure/core-util";

const credential = new DefaultAzureCredential();

const vaultName = "<YOUR KEYVAULT NAME>";
const url = `https://${vaultName}.vault.azure.net`;

const client = new CertificateClient(url, credential);
const secretClient = new SecretClient(url, credential);

const certificateSecret = await secretClient.getSecret("MyCertificate");
const base64EncodedCertificate = certificateSecret.value!;

const buffer = isNodeLike
  ? Buffer.from(base64EncodedCertificate, "base64")
  : Uint8Array.from(atob(base64EncodedCertificate), (c) => c.charCodeAt(0));
await client.importCertificate("MyCertificate", buffer);

从证书的机密值导入证书

function importCertificate(certificateName: string, certificateBytes: Uint8Array, options?: ImportCertificateOptions): Promise<KeyVaultCertificateWithPolicy>

参数

certificateName: string

证书的名称

certificateBytes: Uint8Array

包含 X.509 证书和私钥的证书的 PFX 或 ASCII PEM 格式值

options: ImportCertificateOptions

可选参数

Promise<KeyVaultCertificateWithPolicy>

listDeletedCertificates(ListDeletedCertificatesOptions)

检索当前保管库中的证书，这些证书处于已删除状态并已准备好恢复或清除。此作包括特定于删除的信息。此作需要证书/获取/列表权限。只能在启用软删除的保管库上启用此作。

示例用法：

import { DefaultAzureCredential } from "@azure/identity";
import { CertificateClient } from "@azure/keyvault-certificates";

const credential = new DefaultAzureCredential();

const vaultName = "<YOUR KEYVAULT NAME>";
const url = `https://${vaultName}.vault.azure.net`;

const client = new CertificateClient(url, credential);

for await (const deletedCertificate of client.listDeletedCertificates()) {
  console.log(deletedCertificate);
}

for await (const page of client.listDeletedCertificates().byPage()) {
  for (const deletedCertificate of page) {
    console.log(deletedCertificate);
  }
}

列出已删除的证书

function listDeletedCertificates(options?: ListDeletedCertificatesOptions): PagedAsyncIterableIterator<DeletedCertificate, DeletedCertificate[], PageSettings>

参数

options: ListDeletedCertificatesOptions

可选参数

PagedAsyncIterableIterator<DeletedCertificate, DeletedCertificate[], PageSettings>

listPropertiesOfCertificates(ListPropertiesOfCertificatesOptions)

循环访问保管库中所有证书的最新版本。响应中提供了完整的证书标识符和属性。证书不返回任何值。此作需要证书/列表权限。

示例用法：

import { DefaultAzureCredential } from "@azure/identity";
import { CertificateClient } from "@azure/keyvault-certificates";

const credential = new DefaultAzureCredential();

const vaultName = "<YOUR KEYVAULT NAME>";
const keyVaultUrl = `https://${vaultName}.vault.azure.net`;

const client = new CertificateClient(keyVaultUrl, credential);

// All in one call
for await (const certificateProperties of client.listPropertiesOfCertificates()) {
  console.log(certificateProperties);
}

// By pages
for await (const page of client.listPropertiesOfCertificates().byPage()) {
  for (const certificateProperties of page) {
    console.log(certificateProperties);
  }
}

列出指定证书的所有版本。

function listPropertiesOfCertificates(options?: ListPropertiesOfCertificatesOptions): PagedAsyncIterableIterator<CertificateProperties, CertificateProperties[], PageSettings>

参数

options: ListPropertiesOfCertificatesOptions

可选参数

PagedAsyncIterableIterator<CertificateProperties, CertificateProperties[], PageSettings>

listPropertiesOfCertificateVersions(string, OperationOptions)

返回指定密钥保管库中证书的版本。此作需要证书/列表权限。

示例用法：

import { DefaultAzureCredential } from "@azure/identity";
import { CertificateClient } from "@azure/keyvault-certificates";

const credential = new DefaultAzureCredential();

const vaultName = "<YOUR KEYVAULT NAME>";
const keyVaultUrl = `https://${vaultName}.vault.azure.net`;

const client = new CertificateClient(keyVaultUrl, credential);

for await (const certificateProperties of client.listPropertiesOfCertificateVersions(
  "MyCertificate",
)) {
  console.log(certificateProperties.version!);
}

列出证书的版本。

function listPropertiesOfCertificateVersions(certificateName: string, options?: OperationOptions): PagedAsyncIterableIterator<CertificateProperties, CertificateProperties[], PageSettings>

参数

certificateName: string

证书的名称。

options: OperationOptions

可选参数

PagedAsyncIterableIterator<CertificateProperties, CertificateProperties[], PageSettings>

listPropertiesOfIssuers(OperationOptions)

返回指定密钥保管库中的证书颁发者资源集。此作需要证书/manageissuers/getissuers 权限。

示例用法：

import { DefaultAzureCredential } from "@azure/identity";
import { CertificateClient } from "@azure/keyvault-certificates";

const credential = new DefaultAzureCredential();

const vaultName = "<YOUR KEYVAULT NAME>";
const keyVaultUrl = `https://${vaultName}.vault.azure.net`;

const client = new CertificateClient(keyVaultUrl, credential);

await client.createIssuer("IssuerName", "Test");

// All in one call
for await (const issuerProperties of client.listPropertiesOfIssuers()) {
  console.log(issuerProperties);
}

// By pages
for await (const page of client.listPropertiesOfIssuers().byPage()) {
  for (const issuerProperties of page) {
    console.log(issuerProperties);
  }
}

列出证书颁发者。

function listPropertiesOfIssuers(options?: OperationOptions): PagedAsyncIterableIterator<IssuerProperties, IssuerProperties[], PageSettings>

参数

options: OperationOptions

可选参数

PagedAsyncIterableIterator<IssuerProperties, IssuerProperties[], PageSettings>

mergeCertificate(string, Uint8Array[], OperationOptions)

使用服务中当前可用的密钥对执行证书或证书链的合并。此作需要证书/创建权限。

示例用法：

import { DefaultAzureCredential } from "@azure/identity";
import { CertificateClient } from "@azure/keyvault-certificates";
import { writeFileSync, readFileSync } from "node:fs";
import { execSync } from "node:child_process";

const credential = new DefaultAzureCredential();

const vaultName = "<YOUR KEYVAULT NAME>";
const url = `https://${vaultName}.vault.azure.net`;

const client = new CertificateClient(url, credential);

await client.beginCreateCertificate("MyCertificate", {
  issuerName: "Unknown",
  subject: "cn=MyCert",
});
const poller = await client.getCertificateOperation("MyCertificate");
const { csr } = poller.getOperationState().certificateOperation!;
const base64Csr = Buffer.from(csr!).toString("base64");
const wrappedCsr = [
  "-----BEGIN CERTIFICATE REQUEST-----",
  base64Csr,
  "-----END CERTIFICATE REQUEST-----",
].join("\n");

writeFileSync("test.csr", wrappedCsr);

// Certificate available locally made using:
//   openssl genrsa -out ca.key 2048
//   openssl req -new -x509 -key ca.key -out ca.crt
// You can read more about how to create a fake certificate authority here: https://gist.github.com/Soarez/9688998

execSync("openssl x509 -req -in test.csr -CA ca.crt -CAkey ca.key -CAcreateserial -out test.crt");
const base64Crt = readFileSync("test.crt").toString().split("\n").slice(1, -1).join("");

await client.mergeCertificate("MyCertificate", [Buffer.from(base64Crt)]);

将签名的证书请求合并到挂起的证书中

function mergeCertificate(certificateName: string, x509Certificates: Uint8Array[], options?: OperationOptions): Promise<KeyVaultCertificateWithPolicy>

参数

certificateName: string

证书的名称

x509Certificates: Uint8Array[]

要合并的证书

options: OperationOptions

可选参数

Promise<KeyVaultCertificateWithPolicy>

purgeDeletedCertificate(string, OperationOptions)

执行指定证书的不可逆删除作，且无法进行恢复。如果恢复级别未指定“可清除”，则此作不可用。此作需要证书/清除权限。

示例用法：

import { DefaultAzureCredential } from "@azure/identity";
import { CertificateClient } from "@azure/keyvault-certificates";

const credential = new DefaultAzureCredential();

const vaultName = "<YOUR KEYVAULT NAME>";
const url = `https://${vaultName}.vault.azure.net`;

const client = new CertificateClient(url, credential);

const deletePoller = await client.beginDeleteCertificate("MyCertificate");
await deletePoller.pollUntilDone();

// Deleting a certificate takes time, make sure to wait before purging it
client.purgeDeletedCertificate("MyCertificate");

获取已删除的证书

function purgeDeletedCertificate(certificateName: string, options?: OperationOptions): Promise<null>

参数

certificateName: string

要清除的已删除证书的名称

options: OperationOptions

可选参数

Promise<null>

restoreCertificateBackup(Uint8Array, OperationOptions)

将备份的证书及其所有版本还原到保管库。此作需要证书/还原权限。

示例用法：

import { DefaultAzureCredential } from "@azure/identity";
import { CertificateClient } from "@azure/keyvault-certificates";

const credential = new DefaultAzureCredential();

const vaultName = "<YOUR KEYVAULT NAME>";
const url = `https://${vaultName}.vault.azure.net`;

const client = new CertificateClient(url, credential);

await client.beginCreateCertificate("MyCertificate", {
  issuerName: "Self",
  subject: "cn=MyCert",
});
const backup = await client.backupCertificate("MyCertificate");

const poller = await client.beginDeleteCertificate("MyCertificate");
await poller.pollUntilDone();

// Some time is required before we're able to restore the certificate
await client.restoreCertificateBackup(backup!);

从备份还原证书

function restoreCertificateBackup(backup: Uint8Array, options?: OperationOptions): Promise<KeyVaultCertificateWithPolicy>

参数

backup: Uint8Array

要从中还原的备份证书

options: OperationOptions

可选参数

Promise<KeyVaultCertificateWithPolicy>

setContacts(CertificateContact[], OperationOptions)

设置密钥保管库的证书联系人。此作需要证书/managecontacts 权限。

示例用法：

import { DefaultAzureCredential } from "@azure/identity";
import { CertificateClient } from "@azure/keyvault-certificates";

const credential = new DefaultAzureCredential();

const vaultName = "<YOUR KEYVAULT NAME>";
const keyVaultUrl = `https://${vaultName}.vault.azure.net`;

const client = new CertificateClient(keyVaultUrl, credential);

await client.setContacts([
  {
    email: "b@b.com",
    name: "b",
    phone: "222222222222",
  },
]);

设置证书联系人。

function setContacts(contacts: CertificateContact[], options?: OperationOptions): Promise<undefined | CertificateContact[]>

参数

contacts: CertificateContact[]

要使用的联系人

options: OperationOptions

可选参数

Promise<undefined | CertificateContact[]>

updateCertificatePolicy(string, CertificatePolicy, OperationOptions)

更新指定证书的证书策略。此作需要证书/更新权限。获取证书的策略

function updateCertificatePolicy(certificateName: string, policy: CertificatePolicy, options?: OperationOptions): Promise<CertificatePolicy>

参数

certificateName: string

证书的名称

policy: CertificatePolicy

证书策略

options: OperationOptions

可选参数

Promise<CertificatePolicy>

updateCertificateProperties(string, string, UpdateCertificatePropertiesOptions)

对给定证书应用指定的更新;更新的唯一元素是证书的属性。此作需要证书/更新权限。

示例用法：

import { DefaultAzureCredential } from "@azure/identity";
import { CertificateClient } from "@azure/keyvault-certificates";

const credential = new DefaultAzureCredential();

const vaultName = "<YOUR KEYVAULT NAME>";
const url = `https://${vaultName}.vault.azure.net`;

const client = new CertificateClient(url, credential);

// You may pass an empty string for version which will update
// the latest version of the certificate
await client.updateCertificateProperties("MyCertificate", "", {
  tags: {
    customTag: "value",
  },
});

更新证书

function updateCertificateProperties(certificateName: string, version: string, options?: UpdateCertificatePropertiesOptions): Promise<KeyVaultCertificate>

参数

certificateName: string

证书的名称

version: string

要更新的证书版本（空字符串将更新最新版本）

options: UpdateCertificateOptions

选项，包括要更新的内容

Promise<KeyVaultCertificate>

updateIssuer(string, UpdateIssuerOptions)

updateIssuer作对指定的证书颁发者实体执行更新。此作需要证书/setissuers 权限。

示例用法：

import { DefaultAzureCredential } from "@azure/identity";
import { CertificateClient } from "@azure/keyvault-certificates";

const credential = new DefaultAzureCredential();

const vaultName = "<YOUR KEYVAULT NAME>";
const keyVaultUrl = `https://${vaultName}.vault.azure.net`;

const client = new CertificateClient(keyVaultUrl, credential);

await client.updateIssuer("IssuerName", {
  provider: "Provider2",
});

更新指定的证书颁发者。

function updateIssuer(issuerName: string, options?: UpdateIssuerOptions): Promise<CertificateIssuer>

参数

issuerName: string

颁发者的名称。

options: UpdateIssuerOptions

可选参数

Promise<CertificateIssuer>

通过

CertificateClient class

构造函数

属性

方法

构造函数详细信息

CertificateClient(string, TokenCredential, CertificateClientOptions)

参数

属性详细信息

vaultUrl

属性值

方法详细信息

backupCertificate(string, OperationOptions)

参数

返回

beginCreateCertificate(string, CertificatePolicy, BeginCreateCertificateOptions)

参数

返回

beginDeleteCertificate(string, CertificatePollerOptions)

参数

返回

beginRecoverDeletedCertificate(string, CertificatePollerOptions)

参数

返回

createIssuer(string, string, CreateIssuerOptions)

参数

返回

deleteCertificateOperation(string, OperationOptions)

参数

返回

deleteContacts(OperationOptions)

参数

返回

deleteIssuer(string, OperationOptions)

参数

返回

getCertificate(string, OperationOptions)

参数

返回

getCertificateOperation(string, CertificatePollerOptions)

参数

返回

getCertificatePolicy(string, OperationOptions)

参数

返回

getCertificateVersion(string, string, OperationOptions)

参数

返回

getContacts(OperationOptions)

参数

返回

getDeletedCertificate(string, OperationOptions)

参数

返回

getIssuer(string, OperationOptions)

参数

返回

importCertificate(string, Uint8Array, ImportCertificateOptions)

参数

返回

listDeletedCertificates(ListDeletedCertificatesOptions)

参数

返回

listPropertiesOfCertificates(ListPropertiesOfCertificatesOptions)

参数

返回

listPropertiesOfCertificateVersions(string, OperationOptions)

参数

返回

listPropertiesOfIssuers(OperationOptions)

参数

返回

mergeCertificate(string, Uint8Array[], OperationOptions)

参数

返回

purgeDeletedCertificate(string, OperationOptions)

参数

返回

restoreCertificateBackup(Uint8Array, OperationOptions)

参数