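Is it possible to store and retrieve a PFX (PKCS12) keystore in Azure Key Vault

Question description Votes: 0 Answers: 1

I want to import a private key and certificate chain (a PFX file) into Azure Key Vault. In a Java Spring application, I want to retrieve the PFX from the key vault to create a Java keystore. Is this possible with Azure Key Vault and the Java SDK?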

java rsa azure-keyvault pfx pkcs#12
1 answer
0
votes

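I want to import a private key and certificate chain (a PFX file) into Azure Key Vault.

I followed the steps below to import a PFX certificate with a private key into Azure Key Vault.

  • Navigate to Azure Key Vault => Certificates and select Generate/Import
  • Select Import as the method of certificate creation, upload the PFX certificate and enter the password. Click Create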


Use the following code to retrieve the certificate using Java; refer to MSDOC

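import com.azure.identity.DefaultAzureCredentialBuilder;
import com.azure.security.keyvault.certificates.CertificateClient;
import com.azure.security.keyvault.certificates.CertificateClientBuilder;
import com.azure.security.keyvault.certificates.models.KeyVaultCertificateWithPolicy;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;

@RestController
public class HelloController { // class name is illustrative

    @RequestMapping("/")
    public void hello() {
        String keyVaultName = "<Keyvault_Name>";
        String certificateName = "<Certificate_Name>";

        // DefaultAzureCredential uses the Azure CLI login, environment variables or a managed identity
        CertificateClient certificateClient = new CertificateClientBuilder()
                .vaultUrl("https://" + keyVaultName + ".vault.azure.net")
                .credential(new DefaultAzureCredentialBuilder().build())
                .buildClient();

        // Fetch the latest version of the certificate together with its policy
        KeyVaultCertificateWithPolicy certificate = certificateClient.getCertificate(certificateName);
        System.out.printf("Received certificate with name \"%s\", version %s and secret id %s%n",
                certificate.getProperties().getName(), certificate.getProperties().getVersion(),
                certificate.getSecretId());
    }
}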

Response:

2024-10-03T15:52:06.580+05:30  INFO 4992 --- [demo] [  restartedMain] o.s.b.d.a.OptionalLiveReloadServer       : LiveReload server is running on port 35729
2024-10-03T15:52:06.660+05:30  INFO 4992 --- [demo] [  restartedMain] o.s.b.w.embedded.tomcat.TomcatWebServer  : Tomcat started on port 8080 (http) with context path '/'
2024-10-03T15:52:06.680+05:30  INFO 4992 --- [demo] [  restartedMain] com.example.demo.DemoApplication         : Started DemoApplication in 3.443 seconds (process running for 4.339)
2024-10-03T15:52:35.080+05:30  INFO 4992 --- [demo] [nio-8080-exec-1] o.a.c.c.C.[Tomcat].[localhost].[/]       : Initializing Spring DispatcherServlet 'dispatcherServlet'
//Other logs
2024-10-03T15:52:47.634+05:30  INFO 4992 --- [demo] [nio-8080-exec-1] c.azure.identity.ChainedTokenCredential  : Azure Identity => Attempted credential AzureCliCredential returns a token
2024-10-03T15:52:47.635+05:30  INFO 4992 --- [demo] [nio-8080-exec-1] c.a.c.implementation.AccessTokenCache    : {"az.sdk.message":"Acquired a new access token."}
//Retrieved Certificate details
Received certificate with name "pfxcer", version a97518bff5104aXXX8524c595dcb and secret id https://KeyvaultName.vault.azure.net/secrets/pfxcer/a97518bff5104aXX9fa8524c595dcb
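
The secret id printed above is where the PFX itself can be read: Key Vault exposes an imported certificate's private key and chain through a secret with the same name. The following is an added example, not part of the original answer, that reads that secret and loads it into a Java KeyStore. The class and method names are hypothetical, and it assumes the calling identity may read secrets, the certificate's key is exportable, and the returned PFX has an empty password.

```java
import com.azure.identity.DefaultAzureCredentialBuilder;
import com.azure.security.keyvault.secrets.SecretClient;
import com.azure.security.keyvault.secrets.SecretClientBuilder;
import com.azure.security.keyvault.secrets.models.KeyVaultSecret;

import java.io.ByteArrayInputStream;
import java.security.KeyStore;
import java.util.Base64;
import java.util.Collections;

// Added example; class and method names are hypothetical.
public class PfxFromKeyVault {

    // Turn the base64 secret value into an in-memory PKCS12 KeyStore.
    static KeyStore toKeyStore(String secretValue, String contentType) throws Exception {
        // A PEM-backed certificate would report application/x-pem-file instead.
        if (!"application/x-pkcs12".equals(contentType)) {
            throw new IllegalArgumentException("Secret is not a PFX: " + contentType);
        }
        byte[] pfx = Base64.getDecoder().decode(secretValue);
        KeyStore ks = KeyStore.getInstance("PKCS12");
        // Assumption: the PFX returned by Key Vault carries an empty password.
        ks.load(new ByteArrayInputStream(pfx), new char[0]);
        return ks;
    }

    // Read the secret that shares its name with the certificate.
    static KeyStore fetch(String keyVaultName, String certificateName) throws Exception {
        SecretClient secretClient = new SecretClientBuilder()
                .vaultUrl("https://" + keyVaultName + ".vault.azure.net")
                .credential(new DefaultAzureCredentialBuilder().build())
                .buildClient();
        KeyVaultSecret secret = secretClient.getSecret(certificateName);
        return toKeyStore(secret.getValue(), secret.getProperties().getContentType());
    }

    public static void main(String[] args) throws Exception {
        // Usage: java PfxFromKeyVault <Keyvault_Name> <Certificate_Name>
        KeyStore ks = fetch(args[0], args[1]);
        for (String alias : Collections.list(ks.aliases())) {
            // Print only non-sensitive metadata; never log the secret value or the key.
            int chain = ks.isKeyEntry(alias) ? ks.getCertificateChain(alias).length : 0;
            System.out.printf("alias=%s hasPrivateKey=%b chainLength=%d%n",
                    alias, ks.isKeyEntry(alias), chain);
        }
    }
}
```

The KeyStore stays in memory, so the private key is never written to disk; grant the application read access to this one secret rather than to the whole vault.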