Get Private Key for a certificate from Azure Key Vault

Shashikant Sharma 85 Reputation points
2024-10-16T13:18:42.1966667+00:00

I need a public key as encryptionCertificate to encrypt the resource data that is returned to my ReactJS client app, and later a private key to decrypt MS Graph rich notifications that include the resource data, as per this URL: https://learn.microsoft.com/en-us/graph/change-notifications-with-resource-data?tabs=javascript

I have created a self-signed Azure certificate on Vault and am accessing it via an Azure function. I am trying to send the private and public keys to my React JS client app via this Azure Function. I am able to get the public key but can't get the private key. How can I get the private key from the Azure vault for the certificate?

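I have tried the CertificateClient, KeyClient and SecretClient classes in my function app.

The following code gave me the public key:

```typescript
import { KeyVaultCertificate } from "@azure/keyvault-certificates";

// Fetch the latest version of the certificate from Key Vault
var latestCertificate = await VaultManager._certificateClient.getCertificate(_certificateName);

// cer holds the public X.509 certificate bytes only; it never contains the private key
const { cer } = latestCertificate as KeyVaultCertificate;
const base64CER = Buffer.from(cer).toString("base64");
console.log("public: ", base64CER);
```

I tried getting the private key using secretClient.getSecret(this._certificateName), but no success. Any help?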

Edit:

I managed to get the private and public keys using openssl with the data returned from secretClient.getSecret(this._certificateName). The data was in pkcs1 format; I saved it in a file 'pkcs12.p12', then I created the private key and public key using openssl.

Now I want to do it without openssl. How can I do it?


1 answer

  1. Shashikant Sharma 85 Reputation points
    2024-11-05T15:14:29.07+00:00

    I managed to get the private and public keys using openssl with the data returned from secretClient.getSecret(this._certificateName). The data was in pkcs1 format; I saved it in a file 'pkcs12.p12', then I created the private key and public key using openssl.

    Now I want to do it without openssl. How can I do it?

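An added example, not part of the original thread or any Microsoft sample: reading the private key with Node's built-in `crypto` instead of openssl, for the case where the secret returned by `getSecret` is a PEM bundle (content type `application/x-pem-file`), and using it inside the function to decrypt a notification `dataKey` so the key does not have to leave the server. Assumptions: the `{ value, properties: { contentType } }` secret shape, RSA-OAEP for `dataKey` as in the linked Graph documentation, and the helper names and constructed sample secret, which are hypothetical; a base64 PKCS#12 value (`application/x-pkcs12`) is rejected rather than parsed.

```javascript
const crypto = require("crypto");

// Split a PEM bundle into its private-key block and its certificate blocks.
function splitPemBundle(pem) {
  const blocks = pem.match(/-----BEGIN ([A-Z ]+)-----[\s\S]+?-----END \1-----/g) || [];
  return {
    keyPem: blocks.find((b) => /^-----BEGIN (RSA |EC )?PRIVATE KEY-----/.test(b)),
    certPems: blocks.filter((b) => b.startsWith("-----BEGIN CERTIFICATE-----")),
  };
}

// secret: assumed shape { value, properties: { contentType } } from getSecret().
function loadKeysFromSecret(secret) {
  const type = secret.properties.contentType;
  if (type !== "application/x-pem-file") throw new Error("secret is not PEM: " + type);
  const { keyPem, certPems } = splitPemBundle(secret.value);
  if (!keyPem) throw new Error("no private key in secret; is the key exportable?");
  const privateKey = crypto.createPrivateKey(keyPem);
  // The public half is derived from the private key; no certificate parsing is needed.
  const publicKeyPem = crypto.createPublicKey(privateKey).export({ type: "spki", format: "pem" });
  return { privateKey, publicKeyPem, certPems };
}

// Decrypt a notification's base64 dataKey on the server (RSA-OAEP is an assumption).
function decryptDataKey(privateKey, dataKeyB64) {
  return crypto.privateDecrypt(
    { key: privateKey, padding: crypto.constants.RSA_PKCS1_OAEP_PADDING },
    Buffer.from(dataKeyB64, "base64")
  );
}

// Constructed sample: a throwaway key plus a dummy certificate block, not Key Vault output.
function constructedSecret() {
  const { privateKey } = crypto.generateKeyPairSync("rsa", { modulusLength: 2048 });
  const keyPem = privateKey.export({ type: "pkcs8", format: "pem" });
  const certPem = "-----BEGIN CERTIFICATE-----\nQ09OU1RSVUNURUQ=\n-----END CERTIFICATE-----\n";
  return { value: keyPem + certPem, properties: { contentType: "application/x-pem-file" } };
}

// Round trip: wrap a data key with the public half, unwrap it with the private half.
function roundTrip() {
  const keys = loadKeysFromSecret(constructedSecret());
  const dataKey = crypto.randomBytes(32);
  const wrapped = crypto.publicEncrypt(
    { key: keys.publicKeyPem, padding: crypto.constants.RSA_PKCS1_OAEP_PADDING }, dataKey);
  return decryptDataKey(keys.privateKey, wrapped.toString("base64")).equals(dataKey);
}

console.log("round trip ok:", roundTrip());
```

Whether the secret comes back as PEM or PKCS#12 depends on the content type chosen in the certificate's policy, and the private key is only present in the secret when the policy marks it exportable.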
