azure.keyvault.certificates.CertificateClient.yml

### YamlMime:PythonClass
uid: azure.keyvault.certificates.CertificateClient
name: CertificateClient
fullName: azure.keyvault.certificates.CertificateClient
module: azure.keyvault.certificates
inheritances:
- azure.keyvault.certificates._shared.client_base.KeyVaultClientBase
summary: A high-level interface for managing a vault's certificates.
constructor:
  syntax: 'CertificateClient(vault_url: str, credential: TokenCredential, **kwargs:
    Any)'
  parameters:
  - name: vault_url
    description: 'URL of the vault the client will access. This is also called the
      vault''s "DNS Name".

      You should validate that this URL references a valid Key Vault resource. See
      [https://aka.ms/azsdk/blog/vault-uri](https://aka.ms/azsdk/blog/vault-uri)

      for details.'
    isRequired: true
    types:
    - <xref:str>
  - name: credential
    description: 'An object which can provide an access token for the vault, such
      as a credential from

      <xref:azure.identity>'
    isRequired: true
    types:
    - <xref:azure.core.credentials.TokenCredential>
  keywordOnlyParameters:
  - name: api_version
    description: Version of the service API to use. Defaults to the most recent.
    types:
    - <xref:azure.keyvault.certificates.ApiVersion>
    - <xref:str>
  - name: verify_challenge_resource
    description: 'Whether to verify the authentication challenge resource matches
      the Key

      Vault domain. Defaults to True.'
    types:
    - <xref:bool>
methods:
- uid: azure.keyvault.certificates.CertificateClient.backup_certificate
  name: backup_certificate
  summary: 'Back up a certificate in a protected form useable only by Azure Key Vault.


    Requires certificates/backup permission. This is intended to allow copying a certificate
    from one vault to

    another. Both vaults must be owned by the same Azure subscription. Also, backup
    / restore cannot be performed

    across geopolitical boundaries. For example, a backup from a vault in a USA region
    cannot be restored to a vault

    in an EU region.'
  signature: 'backup_certificate(certificate_name: str, **kwargs: Any) -> bytes'
  parameters:
  - name: certificate_name
    description: The name of the certificate.
    isRequired: true
    types:
    - <xref:str>
  return:
    description: The backup blob containing the backed up certificate.
    types:
    - <xref:bytes>
  exceptions:
  - type: azure.core.exceptions.ResourceNotFoundError
  - type: azure.core.exceptions.HttpResponseError
    description: the former if the certificate doesn't exist; the latter for other
      errors
- uid: azure.keyvault.certificates.CertificateClient.begin_create_certificate
  name: begin_create_certificate
  summary: "Creates a new certificate.\n\nIf this is the first version, the certificate\
    \ resource is created. This operation requires the\ncertificates/create permission.\
    \ Waiting on the returned poller requires the certificates/get permission and\n\
    gives you the certificate if creation is successful, or the CertificateOperation\
    \ if not \u2013 otherwise, it raises\nan <xref:azure.core.exceptions.HttpResponseError>."
  signature: 'begin_create_certificate(certificate_name: str, policy: CertificatePolicy,
    **kwargs: Any) -> LROPoller[KeyVaultCertificate | CertificateOperation]'
  parameters:
  - name: certificate_name
    description: The name of the certificate.
    isRequired: true
    types:
    - <xref:str>
  - name: policy
    description: 'The management policy for the certificate. Either subject or one
      of the subject alternative

      name properties are required.'
    isRequired: true
    types:
    - <xref:azure.keyvault.certificates.CertificatePolicy>
  keywordOnlyParameters:
  - name: enabled
    description: Whether the certificate is enabled for use.
    types:
    - <xref:bool>
  - name: tags
    description: Application specific metadata in the form of key-value pairs.
    types:
    - <xref:dict>[<xref:str>, <xref:str>]
  return:
    description: 'An LROPoller for the create certificate operation. Waiting on the
      poller gives you the certificate if

      creation is successful, or the CertificateOperation if not.'
    types:
    - <xref:azure.core.polling.LROPoller>[<xref:azure.keyvault.certificates.KeyVaultCertificate>
    - <xref:azure.keyvault.certificates.CertificateOperation>]
  exceptions:
  - type: ValueError
  - type: azure.core.exceptions.HttpResponseError
    description: the former if the certificate policy is invalid; the latter for other
      errors
- uid: azure.keyvault.certificates.CertificateClient.begin_delete_certificate
  name: begin_delete_certificate
  summary: 'Delete all versions of a certificate. Requires certificates/delete permission.


    When this method returns Key Vault has begun deleting the certificate. Deletion
    may take several seconds in a

    vault with soft-delete enabled. This method therefore returns a poller enabling
    you to wait for deletion to

    complete.'
  signature: 'begin_delete_certificate(certificate_name: str, **kwargs: Any) -> LROPoller[DeletedCertificate]'
  parameters:
  - name: certificate_name
    description: The name of the certificate to delete.
    isRequired: true
    types:
    - <xref:str>
  return:
    description: 'A poller for the delete certificate operation. The poller''s *result*
      method returns the

      <xref:azure.keyvault.certificates.DeletedCertificate> without waiting for deletion
      to complete. If the

      vault has soft-delete enabled and you want to immediately, permanently delete
      the certificate with

      <xref:azure.keyvault.certificates.CertificateClient.purge_deleted_certificate>,
      call the poller''s *wait* method first. It will block until the deletion

      is complete. The *wait* method requires certificates/get permission.'
    types:
    - <xref:azure.core.polling.LROPoller>[<xref:azure.keyvault.certificates.DeletedCertificate>]
  exceptions:
  - type: azure.core.exceptions.ResourceNotFoundError
  - type: azure.core.exceptions.HttpResponseError
    description: the former if the certificate doesn't exist; the latter for other
      errors
- uid: azure.keyvault.certificates.CertificateClient.begin_recover_deleted_certificate
  name: begin_recover_deleted_certificate
  summary: 'Recover a deleted certificate to its latest version. Possible only in
    a vault with soft-delete enabled.


    Requires certificates/recover permission. When this method returns Key Vault has
    begun recovering the

    certificate. Recovery may take several seconds. This method therefore returns
    a poller enabling you to wait for

    recovery to complete. Waiting is only necessary when you want to use the recovered
    certificate in another

    operation immediately.'
  signature: 'begin_recover_deleted_certificate(certificate_name: str, **kwargs: Any)
    -> LROPoller[KeyVaultCertificate]'
  parameters:
  - name: certificate_name
    description: The name of the deleted certificate to recover
    isRequired: true
    types:
    - <xref:str>
  return:
    description: 'A poller for the recovery operation. The poller''s *result* method
      returns the recovered

      <xref:azure.keyvault.certificates.KeyVaultCertificate> without waiting for recovery
      to complete. If you

      want to use the recovered certificate immediately, call the poller''s *wait*
      method, which blocks until the

      certificate is ready to use. The *wait* method requires certificate/get permission.'
    types:
    - <xref:azure.core.polling.LROPoller>[<xref:azure.keyvault.certificates.KeyVaultCertificate>]
  exceptions:
  - type: azure.core.exceptions.HttpResponseError
- uid: azure.keyvault.certificates.CertificateClient.cancel_certificate_operation
  name: cancel_certificate_operation
  summary: Cancels an in-progress certificate operation. Requires the certificates/update
    permission.
  signature: 'cancel_certificate_operation(certificate_name: str, **kwargs: Any) ->
    CertificateOperation'
  parameters:
  - name: certificate_name
    description: The name of the certificate.
    isRequired: true
    types:
    - <xref:str>
  return:
    description: The cancelled certificate operation
    types:
    - <xref:azure.keyvault.certificates.CertificateOperation>
  exceptions:
  - type: azure.core.exceptions.HttpResponseError
- uid: azure.keyvault.certificates.CertificateClient.close
  name: close
  summary: 'Close sockets opened by the client.


    Calling this method is unnecessary when using the client as a context manager.'
  signature: close() -> None
- uid: azure.keyvault.certificates.CertificateClient.create_issuer
  name: create_issuer
  summary: Sets the specified certificate issuer. Requires certificates/setissuers
    permission.
  signature: 'create_issuer(issuer_name: str, provider: str, **kwargs: Any) -> CertificateIssuer'
  parameters:
  - name: issuer_name
    description: The name of the issuer.
    isRequired: true
    types:
    - <xref:str>
  - name: provider
    description: The issuer provider.
    isRequired: true
    types:
    - <xref:str>
  keywordOnlyParameters:
  - name: enabled
    description: Whether the issuer is enabled for use.
    types:
    - <xref:bool>
  - name: account_id
    description: The user name/account name/account id.
    types:
    - <xref:str>
  - name: password
    description: The password/secret/account key.
    types:
    - <xref:str>
  - name: organization_id
    description: Id of the organization
    types:
    - <xref:str>
  - name: admin_contacts
    description: 'Contact details of the organization administrators of the

      certificate issuer.'
    types:
    - <xref:list>[<xref:azure.keyvault.certificates.AdministratorContact>]
  return:
    description: The created CertificateIssuer
    types:
    - <xref:azure.keyvault.certificates.CertificateIssuer>
  exceptions:
  - type: azure.core.exceptions.HttpResponseError
- uid: azure.keyvault.certificates.CertificateClient.delete_certificate_operation
  name: delete_certificate_operation
  summary: 'Deletes and stops the creation operation for a specific certificate.


    Requires the certificates/update permission.'
  signature: 'delete_certificate_operation(certificate_name: str, **kwargs: Any) ->
    CertificateOperation'
  parameters:
  - name: certificate_name
    description: The name of the certificate.
    isRequired: true
    types:
    - <xref:str>
  return:
    description: The deleted CertificateOperation
    types:
    - <xref:azure.keyvault.certificates.CertificateOperation>
  exceptions:
  - type: azure.core.exceptions.HttpResponseError
- uid: azure.keyvault.certificates.CertificateClient.delete_contacts
  name: delete_contacts
  summary: Deletes the certificate contacts for the key vault. Requires the certificates/managecontacts
    permission.
  signature: 'delete_contacts(**kwargs: Any) -> List[CertificateContact]'
  return:
    description: The deleted contacts for the key vault.
    types:
    - <xref:list>[<xref:azure.keyvault.certificates.CertificateContact>]
  exceptions:
  - type: azure.core.exceptions.HttpResponseError
- uid: azure.keyvault.certificates.CertificateClient.delete_issuer
  name: delete_issuer
  summary: 'Deletes the specified certificate issuer.


    Requires certificates/manageissuers/deleteissuers permission.'
  signature: 'delete_issuer(issuer_name: str, **kwargs: Any) -> CertificateIssuer'
  parameters:
  - name: issuer_name
    description: The name of the issuer.
    isRequired: true
    types:
    - <xref:str>
  return:
    description: CertificateIssuer
    types:
    - <xref:azure.keyvault.certificates.CertificateIssuer>
  exceptions:
  - type: azure.core.exceptions.HttpResponseError
- uid: azure.keyvault.certificates.CertificateClient.get_certificate
  name: get_certificate
  summary: 'Gets a certificate with its management policy attached. Requires certificates/get
    permission.


    Does not accept the version of the certificate as a parameter. To get a specific
    version of the

    certificate, call <xref:azure.keyvault.certificates.CertificateClient.get_certificate_version>.'
  signature: 'get_certificate(certificate_name: str, **kwargs: Any) -> KeyVaultCertificate'
  parameters:
  - name: certificate_name
    description: The name of the certificate in the given vault.
    isRequired: true
    types:
    - <xref:str>
  return:
    description: An instance of KeyVaultCertificate
    types:
    - <xref:azure.keyvault.certificates.KeyVaultCertificate>
  exceptions:
  - type: azure.core.exceptions.ResourceNotFoundError
  - type: azure.core.exceptions.HttpResponseError
    description: the former if the certificate doesn't exist; the latter for other
      errors
- uid: azure.keyvault.certificates.CertificateClient.get_certificate_operation
  name: get_certificate_operation
  summary: Gets the creation operation of a certificate. Requires the certificates/get
    permission.
  signature: 'get_certificate_operation(certificate_name: str, **kwargs: Any) -> CertificateOperation'
  parameters:
  - name: certificate_name
    description: The name of the certificate.
    isRequired: true
    types:
    - <xref:str>
  return:
    description: The created CertificateOperation
    types:
    - <xref:azure.keyvault.certificates.CertificateOperation>
  exceptions:
  - type: azure.core.exceptions.ResourceNotFoundError
  - type: azure.core.exceptions.HttpResponseError
    description: the former if the certificate doesn't exist; the latter for other
      errors
- uid: azure.keyvault.certificates.CertificateClient.get_certificate_policy
  name: get_certificate_policy
  summary: 'Gets the policy for a certificate. Requires certificates/get permission.


    Returns the specified certificate policy resources in the key vault.'
  signature: 'get_certificate_policy(certificate_name: str, **kwargs: Any) -> CertificatePolicy'
  parameters:
  - name: certificate_name
    description: The name of the certificate in a given key vault.
    isRequired: true
    types:
    - <xref:str>
  return:
    description: The certificate policy
    types:
    - <xref:azure.keyvault.certificates.CertificatePolicy>
  exceptions:
  - type: azure.core.exceptions.HttpResponseError
- uid: azure.keyvault.certificates.CertificateClient.get_certificate_version
  name: get_certificate_version
  summary: 'Gets a specific version of a certificate without returning its management
    policy.


    Requires certificates/get permission. To get the latest version of the certificate,
    or to get the certificate''s

    policy as well, call <xref:azure.keyvault.certificates.CertificateClient.get_certificate>.'
  signature: 'get_certificate_version(certificate_name: str, version: str, **kwargs:
    Any) -> KeyVaultCertificate'
  parameters:
  - name: certificate_name
    description: The name of the certificate in the given vault.
    isRequired: true
    types:
    - <xref:str>
  - name: version
    description: The version of the certificate.
    isRequired: true
    types:
    - <xref:str>
  return:
    description: An instance of KeyVaultCertificate
    types:
    - <xref:azure.keyvault.certificates.KeyVaultCertificate>
  exceptions:
  - type: azure.core.exceptions.ResourceNotFoundError
  - type: azure.core.exceptions.HttpResponseError
    description: the former if the certificate doesn't exist; the latter for other
      errors
- uid: azure.keyvault.certificates.CertificateClient.get_contacts
  name: get_contacts
  summary: Gets the certificate contacts for the key vault. Requires the certificates/managecontacts
    permission.
  signature: 'get_contacts(**kwargs: Any) -> List[CertificateContact]'
  return:
    description: The certificate contacts for the key vault.
    types:
    - <xref:list>[<xref:azure.keyvault.certificates.CertificateContact>]
  exceptions:
  - type: azure.core.exceptions.HttpResponseError
- uid: azure.keyvault.certificates.CertificateClient.get_deleted_certificate
  name: get_deleted_certificate
  summary: 'Get a deleted certificate. Possible only in a vault with soft-delete enabled.


    Requires certificates/get permission. Retrieves the deleted certificate information
    plus its attributes, such as

    retention interval, scheduled permanent deletion, and the current deletion recovery
    level.'
  signature: 'get_deleted_certificate(certificate_name: str, **kwargs: Any) -> DeletedCertificate'
  parameters:
  - name: certificate_name
    description: The name of the certificate.
    isRequired: true
    types:
    - <xref:str>
  return:
    description: The deleted certificate
    types:
    - <xref:azure.keyvault.certificates.DeletedCertificate>
  exceptions:
  - type: azure.core.exceptions.ResourceNotFoundError
  - type: azure.core.exceptions.HttpResponseError
    description: the former if the certificate doesn't exist; the latter for other
      errors
- uid: azure.keyvault.certificates.CertificateClient.get_issuer
  name: get_issuer
  summary: Gets the specified certificate issuer. Requires certificates/manageissuers/getissuers
    permission.
  signature: 'get_issuer(issuer_name: str, **kwargs: Any) -> CertificateIssuer'
  parameters:
  - name: issuer_name
    description: The name of the issuer.
    isRequired: true
    types:
    - <xref:str>
  return:
    description: The specified certificate issuer.
    types:
    - <xref:azure.keyvault.certificates.CertificateIssuer>
  exceptions:
  - type: azure.core.exceptions.ResourceNotFoundError
  - type: azure.core.exceptions.HttpResponseError
    description: the former if the issuer doesn't exist; the latter for other errors
- uid: azure.keyvault.certificates.CertificateClient.import_certificate
  name: import_certificate
  summary: 'Import a certificate created externally. Requires certificates/import
    permission.


    Imports an existing valid certificate, containing a private key, into Azure Key
    Vault. The certificate to be

    imported can be in either PFX or PEM format. If the certificate is in PEM format
    the PEM file must contain the

    key as well as x509 certificates, and you must provide a `policy` with

    <xref:azure.keyvault.certificates.CertificatePolicy.content_type> of

    <xref:azure.keyvault.certificates.CertificateContentType.pem>.'
  signature: 'import_certificate(certificate_name: str, certificate_bytes: bytes,
    **kwargs: Any) -> KeyVaultCertificate'
  parameters:
  - name: certificate_name
    description: The name of the certificate.
    isRequired: true
    types:
    - <xref:str>
  - name: certificate_bytes
    description: 'Bytes of the certificate object to import. This certificate

      needs to contain the private key.'
    isRequired: true
    types:
    - <xref:bytes>
  keywordOnlyParameters:
  - name: enabled
    description: Whether the certificate is enabled for use.
    types:
    - <xref:bool>
  - name: tags
    description: Application specific metadata in the form of key-value pairs.
    types:
    - <xref:dict>[<xref:str>, <xref:str>]
  - name: password
    description: 'If the private key in the passed in certificate is encrypted, it

      is the password used for encryption.'
    types:
    - <xref:str>
  - name: policy
    description: 'The management policy for the certificate. Required if importing
      a PEM-format certificate,

      with <xref:azure.keyvault.certificates.CertificatePolicy.content_type> set to

      <xref:azure.keyvault.certificates.CertificateContentType.pem>.'
    types:
    - <xref:azure.keyvault.certificates.CertificatePolicy>
  return:
    description: The imported KeyVaultCertificate
    types:
    - <xref:azure.keyvault.certificates.KeyVaultCertificate>
  exceptions:
  - type: azure.core.exceptions.HttpResponseError
- uid: azure.keyvault.certificates.CertificateClient.list_deleted_certificates
  name: list_deleted_certificates
  summary: 'Lists the currently-recoverable deleted certificates. Possible only if
    vault is soft-delete enabled.


    Requires certificates/get/list permission. Retrieves the certificates in the current
    vault which are in a

    deleted state and ready for recovery or purging. This operation includes deletion-specific
    information.'
  signature: 'list_deleted_certificates(*, include_pending: bool | None = None, **kwargs:
    Any) -> ItemPaged[DeletedCertificate]'
  keywordOnlyParameters:
  - name: include_pending
    description: 'Specifies whether to include certificates which are not completely
      deleted.

      Only available for API versions v7.0 and up. If not provided, Key Vault treats
      this as False.'
    types:
    - <xref:bool>
    - <xref:None>
  return:
    description: An iterator-like instance of DeletedCertificate
    types:
    - <xref:azure.core.paging.ItemPaged>[<xref:azure.keyvault.certificates.DeletedCertificate>]
  exceptions:
  - type: azure.core.exceptions.HttpResponseError
- uid: azure.keyvault.certificates.CertificateClient.list_properties_of_certificate_versions
  name: list_properties_of_certificate_versions
  summary: 'List the identifiers and properties of a certificate''s versions.


    Requires certificates/list permission.'
  signature: 'list_properties_of_certificate_versions(certificate_name: str, **kwargs:
    Any) -> ItemPaged[CertificateProperties]'
  parameters:
  - name: certificate_name
    description: The name of the certificate.
    isRequired: true
    types:
    - <xref:str>
  return:
    description: An iterator-like instance of CertificateProperties
    types:
    - <xref:azure.core.paging.ItemPaged>[<xref:azure.keyvault.certificates.CertificateProperties>]
  exceptions:
  - type: azure.core.exceptions.HttpResponseError
- uid: azure.keyvault.certificates.CertificateClient.list_properties_of_certificates
  name: list_properties_of_certificates
  summary: 'List identifiers and properties of all certificates in the vault.


    Requires certificates/list permission.'
  signature: 'list_properties_of_certificates(*, include_pending: bool | None = None,
    **kwargs: Any) -> ItemPaged[CertificateProperties]'
  keywordOnlyParameters:
  - name: include_pending
    description: 'Specifies whether to include certificates which are not completely
      provisioned.

      Only available for API versions v7.0 and up. If not provided, Key Vault treats
      this as False.'
    types:
    - <xref:bool>
    - <xref:None>
  return:
    description: An iterator-like instance of CertificateProperties
    types:
    - <xref:azure.core.paging.ItemPaged>[<xref:azure.keyvault.certificates.CertificateProperties>]
  exceptions:
  - type: azure.core.exceptions.HttpResponseError
- uid: azure.keyvault.certificates.CertificateClient.list_properties_of_issuers
  name: list_properties_of_issuers
  summary: 'Lists properties of the certificate issuers for the key vault.


    Requires the certificates/manageissuers/getissuers permission.'
  signature: 'list_properties_of_issuers(**kwargs: Any) -> ItemPaged[IssuerProperties]'
  return:
    description: An iterator-like instance of Issuers
    types:
    - <xref:azure.core.paging.ItemPaged>[<xref:azure.keyvault.certificates.CertificateIssuer>]
  exceptions:
  - type: azure.core.exceptions.HttpResponseError
- uid: azure.keyvault.certificates.CertificateClient.merge_certificate
  name: merge_certificate
  summary: 'Merges a certificate or a certificate chain with a key pair existing on
    the server.


    Requires the certificates/create permission. Performs the merging of a certificate
    or certificate chain with a

    key pair currently available in the service. Make sure when creating the certificate
    to merge using

    <xref:azure.keyvault.certificates.CertificateClient.begin_create_certificate>
    that you set its issuer to ''Unknown''. This way Key Vault knows that the

    certificate will not be signed by an issuer known to it.'
  signature: 'merge_certificate(certificate_name: str, x509_certificates: List[bytes],
    **kwargs: Any) -> KeyVaultCertificate'
  parameters:
  - name: certificate_name
    description: The name of the certificate
    isRequired: true
    types:
    - <xref:str>
  - name: x509_certificates
    description: The certificate or the certificate chain to merge.
    isRequired: true
    types:
    - <xref:list>[<xref:bytes>]
  keywordOnlyParameters:
  - name: enabled
    description: Whether the certificate is enabled for use.
    types:
    - <xref:bool>
    - <xref:None>
  - name: tags
    description: Application specific metadata in the form of key-value pairs.
    types:
    - <xref:dict>[<xref:str>, <xref:str>]
    - <xref:None>
  return:
    description: The merged certificate
    types:
    - <xref:azure.keyvault.certificates.KeyVaultCertificate>
  exceptions:
  - type: azure.core.exceptions.HttpResponseError
- uid: azure.keyvault.certificates.CertificateClient.purge_deleted_certificate
  name: purge_deleted_certificate
  summary: 'Permanently deletes a deleted certificate. Possible only in vaults with
    soft-delete enabled.


    Requires certificates/purge permission. Performs an irreversible deletion of the
    specified certificate, without

    possibility for recovery. The operation is not available if the

    <xref:azure.keyvault.certificates.CertificateProperties.recovery_level> does not
    specify ''Purgeable''.

    This method is only necessary for purging a certificate before its

    <xref:azure.keyvault.certificates.DeletedCertificate.scheduled_purge_date>.'
  signature: 'purge_deleted_certificate(certificate_name: str, **kwargs: Any) -> None'
  parameters:
  - name: certificate_name
    description: The name of the certificate
    isRequired: true
    types:
    - <xref:str>
  return:
    description: None
    types:
    - <xref:None>
  exceptions:
  - type: azure.core.exceptions.HttpResponseError
- uid: azure.keyvault.certificates.CertificateClient.restore_certificate_backup
  name: restore_certificate_backup
  summary: 'Restore a certificate backup to the vault. Requires certificates/restore
    permission.


    This restores all versions of the certificate, with its name, attributes, and
    access control policies. If the

    certificate''s name is already in use, restoring it will fail. Also, the target
    vault must be owned by the same

    Microsoft Azure subscription as the source vault.'
  signature: 'restore_certificate_backup(backup: bytes, **kwargs: Any) -> KeyVaultCertificate'
  parameters:
  - name: backup
    description: The backup blob associated with a certificate bundle.
    isRequired: true
    types:
    - <xref:bytes>
  return:
    description: The restored KeyVaultCertificate
    types:
    - <xref:azure.keyvault.certificates.KeyVaultCertificate>
  exceptions:
  - type: azure.core.exceptions.HttpResponseError
- uid: azure.keyvault.certificates.CertificateClient.send_request
  name: send_request
  summary: 'Runs a network request using the client''s existing pipeline.


    The request URL can be relative to the vault URL. The service API version used
    for the request is the same as

    the client''s unless otherwise specified. This method does not raise if the response
    is an error; to raise an

    exception, call *raise_for_status()* on the returned response object. For more
    information about how to send

    custom requests with this method, see [https://aka.ms/azsdk/dpcodegen/python/send_request](https://aka.ms/azsdk/dpcodegen/python/send_request).'
  signature: 'send_request(request: HttpRequest, *, stream: bool = False, **kwargs:
    Any) -> HttpResponse'
  parameters:
  - name: request
    description: The network request you want to make.
    isRequired: true
    types:
    - <xref:azure.core.rest.HttpRequest>
  keywordOnlyParameters:
  - name: stream
    description: Whether the response payload will be streamed. Defaults to False.
    types:
    - <xref:bool>
  return:
    description: The response of your network call. Does not do error handling on
      your response.
    types:
    - <xref:azure.core.rest.HttpResponse>
- uid: azure.keyvault.certificates.CertificateClient.set_contacts
  name: set_contacts
  summary: Sets the certificate contacts for the key vault. Requires certificates/managecontacts
    permission.
  signature: 'set_contacts(contacts: List[CertificateContact], **kwargs: Any) -> List[CertificateContact]'
  parameters:
  - name: contacts
    description: The contact list for the vault certificates.
    isRequired: true
    types:
    - <xref:list>[<xref:azure.keyvault.certificates.CertificateContact>]
  return:
    description: The created list of contacts
    types:
    - <xref:list>[<xref:azure.keyvault.certificates.CertificateContact>]
  exceptions:
  - type: azure.core.exceptions.HttpResponseError
- uid: azure.keyvault.certificates.CertificateClient.update_certificate_policy
  name: update_certificate_policy
  summary: 'Updates the policy for a certificate. Requires certificates/update permission.


    Set specified members in the certificate policy. Leaves others as null.'
  signature: 'update_certificate_policy(certificate_name: str, policy: CertificatePolicy,
    **kwargs: Any) -> CertificatePolicy'
  parameters:
  - name: certificate_name
    description: The name of the certificate in the given vault.
    isRequired: true
    types:
    - <xref:str>
  - name: policy
    description: The policy for the certificate.
    isRequired: true
    types:
    - <xref:azure.keyvault.certificates.CertificatePolicy>
  return:
    description: The certificate policy
    types:
    - <xref:azure.keyvault.certificates.CertificatePolicy>
  exceptions:
  - type: azure.core.exceptions.HttpResponseError
- uid: azure.keyvault.certificates.CertificateClient.update_certificate_properties
  name: update_certificate_properties
  summary: Change a certificate's properties. Requires certificates/update permission.
  signature: 'update_certificate_properties(certificate_name: str, version: str |
    None = None, **kwargs: Any) -> KeyVaultCertificate'
  parameters:
  - name: certificate_name
    description: The name of the certificate in the given key vault.
    isRequired: true
    types:
    - <xref:str>
  - name: version
    description: The version of the certificate.
    isRequired: true
    types:
    - <xref:str>
  keywordOnlyParameters:
  - name: enabled
    description: Whether the certificate is enabled for use.
    types:
    - <xref:bool>
  - name: tags
    description: Application specific metadata in the form of key-value pairs.
    types:
    - <xref:dict>[<xref:str>, <xref:str>]
  return:
    description: The updated KeyVaultCertificate
    types:
    - <xref:azure.keyvault.certificates.KeyVaultCertificate>
  exceptions:
  - type: azure.core.exceptions.HttpResponseError
- uid: azure.keyvault.certificates.CertificateClient.update_issuer
  name: update_issuer
  summary: Updates the specified certificate issuer. Requires certificates/setissuers
    permission.
  signature: 'update_issuer(issuer_name: str, **kwargs: Any) -> CertificateIssuer'
  parameters:
  - name: issuer_name
    description: The name of the issuer.
    isRequired: true
    types:
    - <xref:str>
  keywordOnlyParameters:
  - name: enabled
    description: Whether the issuer is enabled for use.
    types:
    - <xref:bool>
  - name: provider
    description: The issuer provider
    types:
    - <xref:str>
  - name: account_id
    description: The user name/account name/account id.
    types:
    - <xref:str>
  - name: password
    description: The password/secret/account key.
    types:
    - <xref:str>
  - name: organization_id
    description: Id of the organization
    types:
    - <xref:str>
  - name: admin_contacts
    description: Contact details of the organization administrators of the certificate
      issuer
    types:
    - <xref:list>[<xref:azure.keyvault.certificates.AdministratorContact>]
  return:
    description: The updated issuer
    types:
    - <xref:azure.keyvault.certificates.CertificateIssuer>
  exceptions:
  - type: azure.core.exceptions.HttpResponseError
attributes:
- uid: azure.keyvault.certificates.CertificateClient.vault_url
  name: vault_url