How To Store Certificate (.pem) in Azure Keyvault using Secrets and fetch values from secrets into pem file using python

How To Store Certificate (.pem) in Azure Keyvault using Secrets and fetch values from secrets into pem file using python

Santhosh Thomas
·Jan 1, 2022·

Subscribe to my newsletter and never miss my upcoming articles

Table of contents

  • Convert .pem Certificate file into base64 using certutil
  • Python code to fetch certificate value from keyvault and store into a pem file

Convert .pem Certificate file into base64 using certutil

certutil -encode filename.cer newfilename.cer
  1. Go to azure portal

  2. Select ketvault service

  3. Create a new keyvault

  4. Select secrets from setting on sidepanel

  5. Create a new secret

  6. Copy paste base 64 into secret value and save it

Python code to fetch certificate value from keyvault and store into a pem file

from azure.identity import DefaultAzureCredential
from azure.keyvault.secrets import SecretClient
credentials = DefaultAzureCredential()
secret_client = SecretClient(vault_url=key_vault_url, credential=credentials)
cert_value =  secret_client.get_secret("Certificate").value

with open('certificate.pem','w') as fopen:
        fopen.write(base64.b64decode(cert_value).decode())
 
Share this