/
azure.keyvault.certificates.CertificateClient.yml
875 lines (787 loc) · 31.4 KB
/
azure.keyvault.certificates.CertificateClient.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
746
747
748
749
750
751
752
753
754
755
756
757
758
759
760
761
762
763
764
765
766
767
768
769
770
771
772
773
774
775
776
777
778
779
780
781
782
783
784
785
786
787
788
789
790
791
792
793
794
795
796
797
798
799
800
801
802
803
804
805
806
807
808
809
810
811
812
813
814
815
816
817
818
819
820
821
822
823
824
825
826
827
828
829
830
831
832
833
834
835
836
837
838
839
840
841
842
843
844
845
846
847
848
849
850
851
852
853
854
855
856
857
858
859
860
861
862
863
864
865
866
867
868
869
870
871
872
873
874
875
### YamlMime:PythonClass
uid: azure.keyvault.certificates.CertificateClient
name: CertificateClient
fullName: azure.keyvault.certificates.CertificateClient
module: azure.keyvault.certificates
inheritances:
- azure.keyvault.certificates._shared.client_base.KeyVaultClientBase
summary: A high-level interface for managing a vault's certificates.
constructor:
syntax: 'CertificateClient(vault_url: str, credential: TokenCredential, **kwargs:
Any)'
parameters:
- name: vault_url
description: 'URL of the vault the client will access. This is also called the
vault''s "DNS Name".
You should validate that this URL references a valid Key Vault resource. See
[https://aka.ms/azsdk/blog/vault-uri](https://aka.ms/azsdk/blog/vault-uri)
for details.'
isRequired: true
types:
- <xref:str>
- name: credential
description: 'An object which can provide an access token for the vault, such
as a credential from
<xref:azure.identity>'
isRequired: true
types:
- <xref:azure.core.credentials.TokenCredential>
keywordOnlyParameters:
- name: api_version
description: Version of the service API to use. Defaults to the most recent.
types:
- <xref:azure.keyvault.certificates.ApiVersion>
- <xref:str>
- name: verify_challenge_resource
description: 'Whether to verify the authentication challenge resource matches
the Key
Vault domain. Defaults to True.'
types:
- <xref:bool>
methods:
- uid: azure.keyvault.certificates.CertificateClient.backup_certificate
name: backup_certificate
summary: 'Back up a certificate in a protected form useable only by Azure Key Vault.
Requires certificates/backup permission. This is intended to allow copying a certificate
from one vault to
another. Both vaults must be owned by the same Azure subscription. Also, backup
/ restore cannot be performed
across geopolitical boundaries. For example, a backup from a vault in a USA region
cannot be restored to a vault
in an EU region.'
signature: 'backup_certificate(certificate_name: str, **kwargs: Any) -> bytes'
parameters:
- name: certificate_name
description: The name of the certificate.
isRequired: true
types:
- <xref:str>
return:
description: The backup blob containing the backed up certificate.
types:
- <xref:bytes>
exceptions:
- type: azure.core.exceptions.ResourceNotFoundError
- type: azure.core.exceptions.HttpResponseError
description: the former if the certificate doesn't exist; the latter for other
errors
- uid: azure.keyvault.certificates.CertificateClient.begin_create_certificate
name: begin_create_certificate
summary: "Creates a new certificate.\n\nIf this is the first version, the certificate\
\ resource is created. This operation requires the\ncertificates/create permission.\
\ Waiting on the returned poller requires the certificates/get permission and\n\
gives you the certificate if creation is successful, or the CertificateOperation\
\ if not \u2013 otherwise, it raises\nan <xref:azure.core.exceptions.HttpResponseError>."
signature: 'begin_create_certificate(certificate_name: str, policy: CertificatePolicy,
**kwargs: Any) -> LROPoller[KeyVaultCertificate | CertificateOperation]'
parameters:
- name: certificate_name
description: The name of the certificate.
isRequired: true
types:
- <xref:str>
- name: policy
description: 'The management policy for the certificate. Either subject or one
of the subject alternative
name properties are required.'
isRequired: true
types:
- <xref:azure.keyvault.certificates.CertificatePolicy>
keywordOnlyParameters:
- name: enabled
description: Whether the certificate is enabled for use.
types:
- <xref:bool>
- name: tags
description: Application specific metadata in the form of key-value pairs.
types:
- <xref:dict>[<xref:str>, <xref:str>]
return:
description: 'An LROPoller for the create certificate operation. Waiting on the
poller gives you the certificate if
creation is successful, or the CertificateOperation if not.'
types:
- <xref:azure.core.polling.LROPoller>[<xref:azure.keyvault.certificates.KeyVaultCertificate>
- <xref:azure.keyvault.certificates.CertificateOperation>]
exceptions:
- type: ValueError
- type: azure.core.exceptions.HttpResponseError
description: the former if the certificate policy is invalid; the latter for other
errors
- uid: azure.keyvault.certificates.CertificateClient.begin_delete_certificate
name: begin_delete_certificate
summary: 'Delete all versions of a certificate. Requires certificates/delete permission.
When this method returns Key Vault has begun deleting the certificate. Deletion
may take several seconds in a
vault with soft-delete enabled. This method therefore returns a poller enabling
you to wait for deletion to
complete.'
signature: 'begin_delete_certificate(certificate_name: str, **kwargs: Any) -> LROPoller[DeletedCertificate]'
parameters:
- name: certificate_name
description: The name of the certificate to delete.
isRequired: true
types:
- <xref:str>
return:
description: 'A poller for the delete certificate operation. The poller''s *result*
method returns the
<xref:azure.keyvault.certificates.DeletedCertificate> without waiting for deletion
to complete. If the
vault has soft-delete enabled and you want to immediately, permanently delete
the certificate with
<xref:azure.keyvault.certificates.CertificateClient.purge_deleted_certificate>,
call the poller''s *wait* method first. It will block until the deletion
is complete. The *wait* method requires certificates/get permission.'
types:
- <xref:azure.core.polling.LROPoller>[<xref:azure.keyvault.certificates.DeletedCertificate>]
exceptions:
- type: azure.core.exceptions.ResourceNotFoundError
- type: azure.core.exceptions.HttpResponseError
description: the former if the certificate doesn't exist; the latter for other
errors
- uid: azure.keyvault.certificates.CertificateClient.begin_recover_deleted_certificate
name: begin_recover_deleted_certificate
summary: 'Recover a deleted certificate to its latest version. Possible only in
a vault with soft-delete enabled.
Requires certificates/recover permission. When this method returns Key Vault has
begun recovering the
certificate. Recovery may take several seconds. This method therefore returns
a poller enabling you to wait for
recovery to complete. Waiting is only necessary when you want to use the recovered
certificate in another
operation immediately.'
signature: 'begin_recover_deleted_certificate(certificate_name: str, **kwargs: Any)
-> LROPoller[KeyVaultCertificate]'
parameters:
- name: certificate_name
description: The name of the deleted certificate to recover
isRequired: true
types:
- <xref:str>
return:
description: 'A poller for the recovery operation. The poller''s *result* method
returns the recovered
<xref:azure.keyvault.certificates.KeyVaultCertificate> without waiting for recovery
to complete. If you
want to use the recovered certificate immediately, call the poller''s *wait*
method, which blocks until the
certificate is ready to use. The *wait* method requires certificate/get permission.'
types:
- <xref:azure.core.polling.LROPoller>[<xref:azure.keyvault.certificates.KeyVaultCertificate>]
exceptions:
- type: azure.core.exceptions.HttpResponseError
- uid: azure.keyvault.certificates.CertificateClient.cancel_certificate_operation
name: cancel_certificate_operation
summary: Cancels an in-progress certificate operation. Requires the certificates/update
permission.
signature: 'cancel_certificate_operation(certificate_name: str, **kwargs: Any) ->
CertificateOperation'
parameters:
- name: certificate_name
description: The name of the certificate.
isRequired: true
types:
- <xref:str>
return:
description: The cancelled certificate operation
types:
- <xref:azure.keyvault.certificates.CertificateOperation>
exceptions:
- type: azure.core.exceptions.HttpResponseError
- uid: azure.keyvault.certificates.CertificateClient.close
name: close
summary: 'Close sockets opened by the client.
Calling this method is unnecessary when using the client as a context manager.'
signature: close() -> None
- uid: azure.keyvault.certificates.CertificateClient.create_issuer
name: create_issuer
summary: Sets the specified certificate issuer. Requires certificates/setissuers
permission.
signature: 'create_issuer(issuer_name: str, provider: str, **kwargs: Any) -> CertificateIssuer'
parameters:
- name: issuer_name
description: The name of the issuer.
isRequired: true
types:
- <xref:str>
- name: provider
description: The issuer provider.
isRequired: true
types:
- <xref:str>
keywordOnlyParameters:
- name: enabled
description: Whether the issuer is enabled for use.
types:
- <xref:bool>
- name: account_id
description: The user name/account name/account id.
types:
- <xref:str>
- name: password
description: The password/secret/account key.
types:
- <xref:str>
- name: organization_id
description: Id of the organization
types:
- <xref:str>
- name: admin_contacts
description: 'Contact details of the organization administrators of the
certificate issuer.'
types:
- <xref:list>[<xref:azure.keyvault.certificates.AdministratorContact>]
return:
description: The created CertificateIssuer
types:
- <xref:azure.keyvault.certificates.CertificateIssuer>
exceptions:
- type: azure.core.exceptions.HttpResponseError
- uid: azure.keyvault.certificates.CertificateClient.delete_certificate_operation
name: delete_certificate_operation
summary: 'Deletes and stops the creation operation for a specific certificate.
Requires the certificates/update permission.'
signature: 'delete_certificate_operation(certificate_name: str, **kwargs: Any) ->
CertificateOperation'
parameters:
- name: certificate_name
description: The name of the certificate.
isRequired: true
types:
- <xref:str>
return:
description: The deleted CertificateOperation
types:
- <xref:azure.keyvault.certificates.CertificateOperation>
exceptions:
- type: azure.core.exceptions.HttpResponseError
- uid: azure.keyvault.certificates.CertificateClient.delete_contacts
name: delete_contacts
summary: Deletes the certificate contacts for the key vault. Requires the certificates/managecontacts
permission.
signature: 'delete_contacts(**kwargs: Any) -> List[CertificateContact]'
return:
description: The deleted contacts for the key vault.
types:
- <xref:list>[<xref:azure.keyvault.certificates.CertificateContact>]
exceptions:
- type: azure.core.exceptions.HttpResponseError
- uid: azure.keyvault.certificates.CertificateClient.delete_issuer
name: delete_issuer
summary: 'Deletes the specified certificate issuer.
Requires certificates/manageissuers/deleteissuers permission.'
signature: 'delete_issuer(issuer_name: str, **kwargs: Any) -> CertificateIssuer'
parameters:
- name: issuer_name
description: The name of the issuer.
isRequired: true
types:
- <xref:str>
return:
description: CertificateIssuer
types:
- <xref:azure.keyvault.certificates.CertificateIssuer>
exceptions:
- type: azure.core.exceptions.HttpResponseError
- uid: azure.keyvault.certificates.CertificateClient.get_certificate
name: get_certificate
summary: 'Gets a certificate with its management policy attached. Requires certificates/get
permission.
Does not accept the version of the certificate as a parameter. To get a specific
version of the
certificate, call <xref:azure.keyvault.certificates.CertificateClient.get_certificate_version>.'
signature: 'get_certificate(certificate_name: str, **kwargs: Any) -> KeyVaultCertificate'
parameters:
- name: certificate_name
description: The name of the certificate in the given vault.
isRequired: true
types:
- <xref:str>
return:
description: An instance of KeyVaultCertificate
types:
- <xref:azure.keyvault.certificates.KeyVaultCertificate>
exceptions:
- type: azure.core.exceptions.ResourceNotFoundError
- type: azure.core.exceptions.HttpResponseError
description: the former if the certificate doesn't exist; the latter for other
errors
- uid: azure.keyvault.certificates.CertificateClient.get_certificate_operation
name: get_certificate_operation
summary: Gets the creation operation of a certificate. Requires the certificates/get
permission.
signature: 'get_certificate_operation(certificate_name: str, **kwargs: Any) -> CertificateOperation'
parameters:
- name: certificate_name
description: The name of the certificate.
isRequired: true
types:
- <xref:str>
return:
description: The created CertificateOperation
types:
- <xref:azure.keyvault.certificates.CertificateOperation>
exceptions:
- type: azure.core.exceptions.ResourceNotFoundError
- type: azure.core.exceptions.HttpResponseError
description: the former if the certificate doesn't exist; the latter for other
errors
- uid: azure.keyvault.certificates.CertificateClient.get_certificate_policy
name: get_certificate_policy
summary: 'Gets the policy for a certificate. Requires certificates/get permission.
Returns the specified certificate policy resources in the key vault.'
signature: 'get_certificate_policy(certificate_name: str, **kwargs: Any) -> CertificatePolicy'
parameters:
- name: certificate_name
description: The name of the certificate in a given key vault.
isRequired: true
types:
- <xref:str>
return:
description: The certificate policy
types:
- <xref:azure.keyvault.certificates.CertificatePolicy>
exceptions:
- type: azure.core.exceptions.HttpResponseError
- uid: azure.keyvault.certificates.CertificateClient.get_certificate_version
name: get_certificate_version
summary: 'Gets a specific version of a certificate without returning its management
policy.
Requires certificates/get permission. To get the latest version of the certificate,
or to get the certificate''s
policy as well, call <xref:azure.keyvault.certificates.CertificateClient.get_certificate>.'
signature: 'get_certificate_version(certificate_name: str, version: str, **kwargs:
Any) -> KeyVaultCertificate'
parameters:
- name: certificate_name
description: The name of the certificate in the given vault.
isRequired: true
types:
- <xref:str>
- name: version
description: The version of the certificate.
isRequired: true
types:
- <xref:str>
return:
description: An instance of KeyVaultCertificate
types:
- <xref:azure.keyvault.certificates.KeyVaultCertificate>
exceptions:
- type: azure.core.exceptions.ResourceNotFoundError
- type: azure.core.exceptions.HttpResponseError
description: the former if the certificate doesn't exist; the latter for other
errors
- uid: azure.keyvault.certificates.CertificateClient.get_contacts
name: get_contacts
summary: Gets the certificate contacts for the key vault. Requires the certificates/managecontacts
permission.
signature: 'get_contacts(**kwargs: Any) -> List[CertificateContact]'
return:
description: The certificate contacts for the key vault.
types:
- <xref:list>[<xref:azure.keyvault.certificates.CertificateContact>]
exceptions:
- type: azure.core.exceptions.HttpResponseError
- uid: azure.keyvault.certificates.CertificateClient.get_deleted_certificate
name: get_deleted_certificate
summary: 'Get a deleted certificate. Possible only in a vault with soft-delete enabled.
Requires certificates/get permission. Retrieves the deleted certificate information
plus its attributes, such as
retention interval, scheduled permanent deletion, and the current deletion recovery
level.'
signature: 'get_deleted_certificate(certificate_name: str, **kwargs: Any) -> DeletedCertificate'
parameters:
- name: certificate_name
description: The name of the certificate.
isRequired: true
types:
- <xref:str>
return:
description: The deleted certificate
types:
- <xref:azure.keyvault.certificates.DeletedCertificate>
exceptions:
- type: azure.core.exceptions.ResourceNotFoundError
- type: azure.core.exceptions.HttpResponseError
description: the former if the certificate doesn't exist; the latter for other
errors
- uid: azure.keyvault.certificates.CertificateClient.get_issuer
name: get_issuer
summary: Gets the specified certificate issuer. Requires certificates/manageissuers/getissuers
permission.
signature: 'get_issuer(issuer_name: str, **kwargs: Any) -> CertificateIssuer'
parameters:
- name: issuer_name
description: The name of the issuer.
isRequired: true
types:
- <xref:str>
return:
description: The specified certificate issuer.
types:
- <xref:azure.keyvault.certificates.CertificateIssuer>
exceptions:
- type: azure.core.exceptions.ResourceNotFoundError
- type: azure.core.exceptions.HttpResponseError
description: the former if the issuer doesn't exist; the latter for other errors
- uid: azure.keyvault.certificates.CertificateClient.import_certificate
name: import_certificate
summary: 'Import a certificate created externally. Requires certificates/import
permission.
Imports an existing valid certificate, containing a private key, into Azure Key
Vault. The certificate to be
imported can be in either PFX or PEM format. If the certificate is in PEM format
the PEM file must contain the
key as well as x509 certificates, and you must provide a `policy` with
<xref:azure.keyvault.certificates.CertificatePolicy.content_type> of
<xref:azure.keyvault.certificates.CertificateContentType.pem>.'
signature: 'import_certificate(certificate_name: str, certificate_bytes: bytes,
**kwargs: Any) -> KeyVaultCertificate'
parameters:
- name: certificate_name
description: The name of the certificate.
isRequired: true
types:
- <xref:str>
- name: certificate_bytes
description: 'Bytes of the certificate object to import. This certificate
needs to contain the private key.'
isRequired: true
types:
- <xref:bytes>
keywordOnlyParameters:
- name: enabled
description: Whether the certificate is enabled for use.
types:
- <xref:bool>
- name: tags
description: Application specific metadata in the form of key-value pairs.
types:
- <xref:dict>[<xref:str>, <xref:str>]
- name: password
description: 'If the private key in the passed in certificate is encrypted, it
is the password used for encryption.'
types:
- <xref:str>
- name: policy
description: 'The management policy for the certificate. Required if importing
a PEM-format certificate,
with <xref:azure.keyvault.certificates.CertificatePolicy.content_type> set to
<xref:azure.keyvault.certificates.CertificateContentType.pem>.'
types:
- <xref:azure.keyvault.certificates.CertificatePolicy>
return:
description: The imported KeyVaultCertificate
types:
- <xref:azure.keyvault.certificates.KeyVaultCertificate>
exceptions:
- type: azure.core.exceptions.HttpResponseError
- uid: azure.keyvault.certificates.CertificateClient.list_deleted_certificates
name: list_deleted_certificates
summary: 'Lists the currently-recoverable deleted certificates. Possible only if
vault is soft-delete enabled.
Requires certificates/get/list permission. Retrieves the certificates in the current
vault which are in a
deleted state and ready for recovery or purging. This operation includes deletion-specific
information.'
signature: 'list_deleted_certificates(*, include_pending: bool | None = None, **kwargs:
Any) -> ItemPaged[DeletedCertificate]'
keywordOnlyParameters:
- name: include_pending
description: 'Specifies whether to include certificates which are not completely
deleted.
Only available for API versions v7.0 and up. If not provided, Key Vault treats
this as False.'
types:
- <xref:bool>
- <xref:None>
return:
description: An iterator-like instance of DeletedCertificate
types:
- <xref:azure.core.paging.ItemPaged>[<xref:azure.keyvault.certificates.DeletedCertificate>]
exceptions:
- type: azure.core.exceptions.HttpResponseError
- uid: azure.keyvault.certificates.CertificateClient.list_properties_of_certificate_versions
name: list_properties_of_certificate_versions
summary: 'List the identifiers and properties of a certificate''s versions.
Requires certificates/list permission.'
signature: 'list_properties_of_certificate_versions(certificate_name: str, **kwargs:
Any) -> ItemPaged[CertificateProperties]'
parameters:
- name: certificate_name
description: The name of the certificate.
isRequired: true
types:
- <xref:str>
return:
description: An iterator-like instance of CertificateProperties
types:
- <xref:azure.core.paging.ItemPaged>[<xref:azure.keyvault.certificates.CertificateProperties>]
exceptions:
- type: azure.core.exceptions.HttpResponseError
- uid: azure.keyvault.certificates.CertificateClient.list_properties_of_certificates
name: list_properties_of_certificates
summary: 'List identifiers and properties of all certificates in the vault.
Requires certificates/list permission.'
signature: 'list_properties_of_certificates(*, include_pending: bool | None = None,
**kwargs: Any) -> ItemPaged[CertificateProperties]'
keywordOnlyParameters:
- name: include_pending
description: 'Specifies whether to include certificates which are not completely
provisioned.
Only available for API versions v7.0 and up. If not provided, Key Vault treats
this as False.'
types:
- <xref:bool>
- <xref:None>
return:
description: An iterator-like instance of CertificateProperties
types:
- <xref:azure.core.paging.ItemPaged>[<xref:azure.keyvault.certificates.CertificateProperties>]
exceptions:
- type: azure.core.exceptions.HttpResponseError
- uid: azure.keyvault.certificates.CertificateClient.list_properties_of_issuers
name: list_properties_of_issuers
summary: 'Lists properties of the certificate issuers for the key vault.
Requires the certificates/manageissuers/getissuers permission.'
signature: 'list_properties_of_issuers(**kwargs: Any) -> ItemPaged[IssuerProperties]'
return:
description: An iterator-like instance of Issuers
types:
- <xref:azure.core.paging.ItemPaged>[<xref:azure.keyvault.certificates.CertificateIssuer>]
exceptions:
- type: azure.core.exceptions.HttpResponseError
- uid: azure.keyvault.certificates.CertificateClient.merge_certificate
name: merge_certificate
summary: 'Merges a certificate or a certificate chain with a key pair existing on
the server.
Requires the certificates/create permission. Performs the merging of a certificate
or certificate chain with a
key pair currently available in the service. Make sure when creating the certificate
to merge using
<xref:azure.keyvault.certificates.CertificateClient.begin_create_certificate>
that you set its issuer to ''Unknown''. This way Key Vault knows that the
certificate will not be signed by an issuer known to it.'
signature: 'merge_certificate(certificate_name: str, x509_certificates: List[bytes],
**kwargs: Any) -> KeyVaultCertificate'
parameters:
- name: certificate_name
description: The name of the certificate
isRequired: true
types:
- <xref:str>
- name: x509_certificates
description: The certificate or the certificate chain to merge.
isRequired: true
types:
- <xref:list>[<xref:bytes>]
keywordOnlyParameters:
- name: enabled
description: Whether the certificate is enabled for use.
types:
- <xref:bool>
- <xref:None>
- name: tags
description: Application specific metadata in the form of key-value pairs.
types:
- <xref:dict>[<xref:str>, <xref:str>]
- <xref:None>
return:
description: The merged certificate
types:
- <xref:azure.keyvault.certificates.KeyVaultCertificate>
exceptions:
- type: azure.core.exceptions.HttpResponseError
- uid: azure.keyvault.certificates.CertificateClient.purge_deleted_certificate
name: purge_deleted_certificate
summary: 'Permanently deletes a deleted certificate. Possible only in vaults with
soft-delete enabled.
Requires certificates/purge permission. Performs an irreversible deletion of the
specified certificate, without
possibility for recovery. The operation is not available if the
<xref:azure.keyvault.certificates.CertificateProperties.recovery_level> does not
specify ''Purgeable''.
This method is only necessary for purging a certificate before its
<xref:azure.keyvault.certificates.DeletedCertificate.scheduled_purge_date>.'
signature: 'purge_deleted_certificate(certificate_name: str, **kwargs: Any) -> None'
parameters:
- name: certificate_name
description: The name of the certificate
isRequired: true
types:
- <xref:str>
return:
description: None
types:
- <xref:None>
exceptions:
- type: azure.core.exceptions.HttpResponseError
- uid: azure.keyvault.certificates.CertificateClient.restore_certificate_backup
name: restore_certificate_backup
summary: 'Restore a certificate backup to the vault. Requires certificates/restore
permission.
This restores all versions of the certificate, with its name, attributes, and
access control policies. If the
certificate''s name is already in use, restoring it will fail. Also, the target
vault must be owned by the same
Microsoft Azure subscription as the source vault.'
signature: 'restore_certificate_backup(backup: bytes, **kwargs: Any) -> KeyVaultCertificate'
parameters:
- name: backup
description: The backup blob associated with a certificate bundle.
isRequired: true
types:
- <xref:bytes>
return:
description: The restored KeyVaultCertificate
types:
- <xref:azure.keyvault.certificates.KeyVaultCertificate>
exceptions:
- type: azure.core.exceptions.HttpResponseError
- uid: azure.keyvault.certificates.CertificateClient.send_request
name: send_request
summary: 'Runs a network request using the client''s existing pipeline.
The request URL can be relative to the vault URL. The service API version used
for the request is the same as
the client''s unless otherwise specified. This method does not raise if the response
is an error; to raise an
exception, call *raise_for_status()* on the returned response object. For more
information about how to send
custom requests with this method, see [https://aka.ms/azsdk/dpcodegen/python/send_request](https://aka.ms/azsdk/dpcodegen/python/send_request).'
signature: 'send_request(request: HttpRequest, *, stream: bool = False, **kwargs:
Any) -> HttpResponse'
parameters:
- name: request
description: The network request you want to make.
isRequired: true
types:
- <xref:azure.core.rest.HttpRequest>
keywordOnlyParameters:
- name: stream
description: Whether the response payload will be streamed. Defaults to False.
types:
- <xref:bool>
return:
description: The response of your network call. Does not do error handling on
your response.
types:
- <xref:azure.core.rest.HttpResponse>
- uid: azure.keyvault.certificates.CertificateClient.set_contacts
name: set_contacts
summary: Sets the certificate contacts for the key vault. Requires certificates/managecontacts
permission.
signature: 'set_contacts(contacts: List[CertificateContact], **kwargs: Any) -> List[CertificateContact]'
parameters:
- name: contacts
description: The contact list for the vault certificates.
isRequired: true
types:
- <xref:list>[<xref:azure.keyvault.certificates.CertificateContact>]
return:
description: The created list of contacts
types:
- <xref:list>[<xref:azure.keyvault.certificates.CertificateContact>]
exceptions:
- type: azure.core.exceptions.HttpResponseError
- uid: azure.keyvault.certificates.CertificateClient.update_certificate_policy
name: update_certificate_policy
summary: 'Updates the policy for a certificate. Requires certificates/update permission.
Set specified members in the certificate policy. Leaves others as null.'
signature: 'update_certificate_policy(certificate_name: str, policy: CertificatePolicy,
**kwargs: Any) -> CertificatePolicy'
parameters:
- name: certificate_name
description: The name of the certificate in the given vault.
isRequired: true
types:
- <xref:str>
- name: policy
description: The policy for the certificate.
isRequired: true
types:
- <xref:azure.keyvault.certificates.CertificatePolicy>
return:
description: The certificate policy
types:
- <xref:azure.keyvault.certificates.CertificatePolicy>
exceptions:
- type: azure.core.exceptions.HttpResponseError
- uid: azure.keyvault.certificates.CertificateClient.update_certificate_properties
name: update_certificate_properties
summary: Change a certificate's properties. Requires certificates/update permission.
signature: 'update_certificate_properties(certificate_name: str, version: str |
None = None, **kwargs: Any) -> KeyVaultCertificate'
parameters:
- name: certificate_name
description: The name of the certificate in the given key vault.
isRequired: true
types:
- <xref:str>
- name: version
description: The version of the certificate.
isRequired: true
types:
- <xref:str>
keywordOnlyParameters:
- name: enabled
description: Whether the certificate is enabled for use.
types:
- <xref:bool>
- name: tags
description: Application specific metadata in the form of key-value pairs.
types:
- <xref:dict>[<xref:str>, <xref:str>]
return:
description: The updated KeyVaultCertificate
types:
- <xref:azure.keyvault.certificates.KeyVaultCertificate>
exceptions:
- type: azure.core.exceptions.HttpResponseError
- uid: azure.keyvault.certificates.CertificateClient.update_issuer
name: update_issuer
summary: Updates the specified certificate issuer. Requires certificates/setissuers
permission.
signature: 'update_issuer(issuer_name: str, **kwargs: Any) -> CertificateIssuer'
parameters:
- name: issuer_name
description: The name of the issuer.
isRequired: true
types:
- <xref:str>
keywordOnlyParameters:
- name: enabled
description: Whether the issuer is enabled for use.
types:
- <xref:bool>
- name: provider
description: The issuer provider
types:
- <xref:str>
- name: account_id
description: The user name/account name/account id.
types:
- <xref:str>
- name: password
description: The password/secret/account key.
types:
- <xref:str>
- name: organization_id
description: Id of the organization
types:
- <xref:str>
- name: admin_contacts
description: Contact details of the organization administrators of the certificate
issuer
types:
- <xref:list>[<xref:azure.keyvault.certificates.AdministratorContact>]
return:
description: The updated issuer
types:
- <xref:azure.keyvault.certificates.CertificateIssuer>
exceptions:
- type: azure.core.exceptions.HttpResponseError
attributes:
- uid: azure.keyvault.certificates.CertificateClient.vault_url
name: vault_url