@@ -14,14 +14,14 @@ ms.devlang: golang
1414
1515In this quickstart, you'll learn to use the Azure SDK for Go to manage certificates in an Azure Key Vault.
1616
17- Azure Key Vault is a cloud service that works as a secure secrets store. You can securely store keys, passwords, certificates, and other secrets. For more information on Key Vault, you may review the [ Overview] ( ../general/overview.md ) .
17+ Azure Key Vault is a cloud service that works as a secure secrets store. You can securely store keys, passwords, certificates, and other secrets. For more information on Key Vault, you may review the [ Overview] ( ../general/overview.md ) .
1818
19- Follow this guide to learn how to use the [ azcertificates] ( https://pkg.go.dev/github.com/Azure/azure-sdk-for- go/sdk/ keyvault/azcertificates ) package to manage your Azure Key Vault certificates using Go.
19+ Follow this guide to learn how to use the [ azcertificates] ( https://aka.ms/azsdk/ go/keyvault-certificates/docs ) package to manage your Azure Key Vault certificates using Go.
2020
2121## Prerequisites
2222
2323- An Azure subscription - [ create one for free] ( https://azure.microsoft.com/free/?WT.mc_id=A261C142F ) .
24- - ** Go installed** : Version 1.16 or [ above] ( https://go.dev/dl/ )
24+ - ** Go installed** : Version 1.18 or [ above] ( https://go.dev/dl/ )
2525- [ Azure CLI] ( /cli/azure/install-azure-cli )
2626
2727## Set up your environment
@@ -42,7 +42,7 @@ Follow this guide to learn how to use the [azcertificates](https://pkg.go.dev/gi
42421. Deploy a new key vault instance.
4343
4444 ```azurecli
45- az keyvault create --name <keyVaultName> --resource-group myResourceGroup
45+ az keyvault create --name <keyVaultName> --resource-group myResourceGroup
4646 ```
4747
4848 Replace `<keyVaultName>` with a name that's unique across all of Azure. You typically use your personal or company name along with other numbers and identifiers.
@@ -65,103 +65,98 @@ package main
6565import (
6666 "context"
6767 "fmt"
68+ "log"
6869 "time"
6970
7071 "github.com/Azure/azure-sdk-for-go/sdk/azcore/to"
7172 "github.com/Azure/azure-sdk-for-go/sdk/azidentity"
7273 "github.com/Azure/azure-sdk-for-go/sdk/keyvault/azcertificates"
7374)
7475
75- var (
76- ctx = context.Background()
77- )
78-
7976func getClient() *azcertificates.Client {
80-
8177 keyVaultName := os.Getenv("KEY_VAULT_NAME")
8278 if keyVaultName == "" {
83- panic ("KEY_VAULT_NAME environment variable not set")
79+ log.Fatal ("KEY_VAULT_NAME environment variable not set")
8480 }
8581 keyVaultUrl := fmt.Sprintf("https://%s.vault.azure.net/", keyVaultName)
8682
8783 cred, err := azidentity.NewDefaultAzureCredential(nil)
8884 if err != nil {
89- panic (err)
85+ log.Fatal (err)
9086 }
9187
92- client, err := azcertificates.NewClient(keyVaultUrl, cred, nil)
93- if err != nil {
94- panic(err)
95- }
96- return client
88+ return azcertificates.NewClient(keyVaultUrl, cred, nil)
9789}
9890
9991func createCert(client *azcertificates.Client) {
100- resp, err := client.BeginCreateCertificate(ctx, "myCertName", azcertificates.CertificatePolicy{
101- IssuerParameters: &azcertificates.IssuerParameters{
102- Name: to.StringPtr("Self"),
103- },
104- X509CertificateProperties: &azcertificates.X509CertificateProperties{
105- Subject: to.StringPtr("CN=DefaultPolicy"),
92+ params := azcertificates.CreateCertificateParameters{
93+ CertificatePolicy: &azcertificates.CertificatePolicy{
94+ IssuerParameters: &azcertificates.IssuerParameters{
95+ Name: to.Ptr("Self"),
96+ },
97+ X509CertificateProperties: &azcertificates.X509CertificateProperties{
98+ Subject: to.Ptr("CN=DefaultPolicy"),
99+ },
106100 },
107- }, nil)
108- if err != nil {
109- panic(err)
110101 }
111-
112- pollerResp, err := resp.PollUntilDone(ctx, 1*time.Second)
102+ resp, err := client.CreateCertificate(context.TODO(), "myCertName", params, nil)
113103 if err != nil {
114- panic (err)
104+ log.Fatal (err)
115105 }
116- fmt.Printf("Created certificate with ID: %s\n", *pollerResp.ID)
106+
107+ fmt.Printf("Requested a new certificate. Operation status: %s\n", *resp.Status)
117108}
118109
119110func getCert(client *azcertificates.Client) {
120- getResp, err := client.GetCertificate(ctx, "myCertName", nil)
111+ // an empty string version gets the latest version of the certificate
112+ version := ""
113+ getResp, err := client.GetCertificate(context.TODO(), "myCertName", version, nil)
121114 if err != nil {
122- panic (err)
115+ log.Fatal (err)
123116 }
124- fmt.Println("Enabled set to:", *getResp.Properties .Enabled)
117+ fmt.Println("Enabled set to:", *getResp.Attributes .Enabled)
125118}
126119
127120func listCert(client *azcertificates.Client) {
128- poller := client.ListCertificates(nil)
129- for poller.NextPage(ctx) {
130- for _, cert := range poller.PageResponse().Certificates {
121+ pager := client.NewListCertificatesPager(nil)
122+ for pager.More() {
123+ page, err := pager.NextPage(context.Background())
124+ if err != nil {
125+ log.Fatal(err)
126+ }
127+ for _, cert := range page.Value {
131128 fmt.Println(*cert.ID)
132129 }
133130 }
134- if poller.Err() != nil {
135- panic(poller.Err)
136- }
137131}
138132
139133func updateCert(client *azcertificates.Client) {
140134 // disables the certificate, sets an expires date, and add a tag
141- _, err := client.UpdateCertificateProperties(ctx, "myCertName", &azcertificates.UpdateCertificatePropertiesOptions{
142- Version: "myNewVersion",
143- CertificateAttributes: &azcertificates.CertificateProperties{
144- Enabled: to.BoolPtr(false),
145- Expires: to.TimePtr(time.Now().Add(72 * time.Hour)),
135+ params := azcertificates.UpdateCertificateParameters{
136+ CertificateAttributes: &azcertificates.CertificateAttributes{
137+ Enabled: to.Ptr(false),
138+ Expires: to.Ptr(time.Now().Add(72 * time.Hour)),
146139 },
147- Tags: map[string]string{"Owner": "SRE"},
148- })
140+ Tags: map[string]*string{"Owner": to.Ptr("SRE")},
141+ }
142+ // an empty string version updates the latest version of the certificate
143+ version := ""
144+ _, err := client.UpdateCertificate(context.TODO(), "myCertName", version, params, nil)
149145 if err != nil {
150- panic (err)
146+ log.Fatal (err)
151147 }
152148 fmt.Println("Updated certificate properites: Enabled=false, Expires=72h, Tags=SRE")
153149}
154150
155151func deleteCert(client *azcertificates.Client) {
156- pollerResp, err := client.BeginDeleteCertificate(ctx, "myCertName", nil)
157- if err != nil {
158- panic(err)
159- }
160- finalResp, err := pollerResp.PollUntilDone(ctx, time.Second)
152+ // DeleteCertificate returns when Key Vault has begun deleting the certificate. That can take several
153+ // seconds to complete, so it may be necessary to wait before performing other operations on the
154+ // deleted certificate.
155+ resp, err := client.DeleteCertificate(context.TODO(), "myCertName", nil)
161156 if err != nil {
162- panic (err)
157+ log.Fatal (err)
163158 }
164- fmt.Println("Deleted certificate with ID: ", *finalResp .ID)
159+ fmt.Println("Deleted certificate with ID: ", *resp .ID)
165160}
166161
167162func main() {
@@ -211,103 +206,7 @@ go run main.go
211206
212207## Code examples
213208
214- ** Authenticate and create a client**
215-
216- ``` go
217- cred , err := azidentity.NewDefaultAzureCredential (nil )
218- if err != nil {
219- panic (err)
220- }
221-
222- client, err = azcertificates.NewClient (" https://my-key-vault.vault.azure.net/" nil )
223- if err != nil {
224- panic (err)
225- }
226- ```
227-
228- ** Create a certificate**
229-
230- ``` go
231- resp , err := client.BeginCreateCertificate (context.TODO (), " myCert" CertificatePolicy {
232- IssuerParameters : &azcertificates.IssuerParameters {
233- Name: to.StringPtr (" Self"
234- },
235- X509CertificateProperties : &azcertificates.X509CertificateProperties {
236- Subject: to.StringPtr (" CN=DefaultPolicy"
237- },
238- }, nil )
239- if err != nil {
240- panic (err)
241- }
242-
243- pollerResp , err := resp.PollUntilDone (context.TODO (), 1 *time.Second )
244- if err != nil {
245- panic (err)
246- }
247- fmt.Println (*pollerResp.ID )
248- ```
249-
250- ** Get a certificate**
251-
252- ``` go
253- getResp , err := client.GetCertificate (context.TODO (), " myCertName" nil )
254- if err != nil {
255- panic (err)
256- }
257- fmt.Println (*getResp.ID )
258-
259- // optionally you can get a specific version
260- getResp, err = client.GetCertificate (context.TODO (), " myCertName" GetCertificateOptions {Version: " myCertVersion"
261- if err != nil {
262- panic (err)
263- }
264- ```
265-
266- ** List certificates**
267-
268- ``` go
269- poller := client.ListCertificates (nil )
270- for poller.NextPage (context.TODO ()) {
271- for _ , cert := range poller.PageResponse ().Certificates {
272- fmt.Println (*cert.ID )
273- }
274- }
275- if poller.Err () != nil {
276- panic (err)
277- }
278- ```
279-
280- ** Update a certificate**
281-
282- ``` go
283- _ , err := client.UpdateCertificateProperties (context.TODO (), " myCertName" UpdateCertificatePropertiesOptions {
284- Version : " myNewVersion"
285- CertificateAttributes : &azcertificates.CertificateProperties {
286- Enabled: to.BoolPtr (false ),
287- Expires: to.TimePtr (time.Now ().Add (72 * time.Hour )),
288- },
289- Tags : map [string ]string {" Owner" " SRE"
290- })
291- if err != nil {
292- panic (err)
293- }
294- ```
295-
296- ** Delete a certificate**
297-
298- ``` go
299- pollerResp , err := client.BeginDeleteCertificate (context.TODO (), " myCertName" nil )
300- if err != nil {
301- panic (err)
302- }
303- finalResp , err := pollerResp.PollUntilDone (context.TODO (), time.Second )
304- if err != nil {
305- panic (err)
306- }
307-
308- fmt.Println (" Deleted certificate with ID: " ID )
309- ```
310-
209+ See the [ module documentation] ( https://aka.ms/azsdk/go/keyvault-certificates/docs ) for more examples.
311210
312211## Clean up resources
313212
0 commit comments