C# 使用Azure.Security.KeyVault通过SecretId/SecretIdentifier而不是Microsoft.Azure.KeyVault检索证书(PFXcontent)
只是想知道如何使用新的C# 使用Azure.Security.KeyVault通过SecretId/SecretIdentifier而不是Microsoft.Azure.KeyVault检索证书(PFXcontent),c#,azure,azure-keyvault,C#,Azure,Azure Keyvault,只是想知道如何使用新的Azure.Security.KeyVault库实现同样的效果: Azure.Security.KeyVault.Certificates Azure.Security.KeyVault.Secrets 特别是关于从保密证书中获取PFX内容。新图书馆似乎没有提供一种通过秘密或秘密身份识别者获取秘密的方法,只是通过名字 目的是与以前的做法相匹配: var azureServiceTokenProvider = new AzureServiceTokenProvider()
Azure.Security.KeyVaultAzure.Security.KeyVault.CertificatesAzure.Security.KeyVault.Secretsvar azureServiceTokenProvider = new AzureServiceTokenProvider();
var keyVaultClient = new KeyVaultClient(
new KeyVaultClient.AuthenticationCallback(azureServiceTokenProvider.KeyVaultTokenCallback));
CertificateBundle certificateBundle = await keyVaultClient.GetCertificateAsync(certificateIdentifier);
SecretBundle certificateWithPrivateKey = await keyVaultClient.GetSecretAsync(certificateBundle.SecretIdentifier.Identifier);
byte[] certificateWithPrivateKeyDecoded = Convert.FromBase64String(certificateWithPrivateKey.Value);
var certificate = new X509Certificate2(certificateWithPrivateKeyDecoded, (string)null);
return certificate;
是的,该方法不提供通过SecretIdentifier获取机密的方法,但它有一个参数
versioncertificateIdentifier秘密名称版本var client = new SecretClient(vaultUri: new Uri(keyVaultUrl), credential: new DefaultAzureCredential());
KeyVaultSecret secret = client.GetSecret("secret-name","secret-version");