{"library":"azure-keyvault-certificates","code":"import os\nfrom azure.keyvault.certificates import CertificateClient, CertificatePolicy\nfrom azure.identity import DefaultAzureCredential\n\n# Set your Key Vault name and certificate name as environment variables or replace directly.\n# For local development, ensure you are logged in via Azure CLI (az login).\nkeyvault_name = os.environ.get('AZURE_KEYVAULT_NAME', 'YOUR_KEY_VAULT_NAME')\ncertificate_name = 'MySampleCertificate'\n\n# Construct the Key Vault URL\nvault_url = f\"https://{keyvault_name}.vault.azure.net\"\n\n# Authenticate using DefaultAzureCredential\n# This credential type is suitable for local development and managed identity in production.\ncredential = DefaultAzureCredential()\n\n# Create a CertificateClient\ncertificate_client = CertificateClient(vault_url=vault_url, credential=credential)\n\nasync def manage_certificate():\n    print(f\"Creating a self-signed certificate '{certificate_name}' in {keyvault_name}...\")\n    # Create a certificate policy for a self-signed certificate\n    policy = CertificatePolicy.create_self_signed(\n        subject=\"CN=www.contoso.com\",\n        issuer_name=\"Self\",\n        validity_in_months=12\n    )\n\n    # Begin creating the certificate - this is a long-running operation\n    poller = await certificate_client.begin_create_certificate(certificate_name, policy)\n    \n    # Wait for the certificate creation to complete\n    created_certificate = await poller.result()\n    print(f\"Certificate '{created_certificate.name}' created with thumbprint: {created_certificate.properties.x509_thumbprint}\")\n\n    print(f\"Retrieving certificate '{certificate_name}'...\")\n    retrieved_certificate = await certificate_client.get_certificate(certificate_name)\n    print(f\"Retrieved certificate version: {retrieved_certificate.properties.version}\")\n\n    print(f\"Deleting certificate '{certificate_name}'...\")\n    # Begin deleting the certificate - this is a long-running operation\n    delete_poller = await certificate_client.begin_delete_certificate(certificate_name)\n    await delete_poller.wait()\n    print(f\"Certificate '{certificate_name}' deleted.\")\n\n    # Don't forget to close the credential and client when done (especially for async)\n    await certificate_client.close()\n    await credential.close()\n\n# Example of how to run the async function\nimport asyncio\nif __name__ == '__main__':\n    # Make sure to set AZURE_KEYVAULT_NAME environment variable\n    # e.g., export AZURE_KEYVAULT_NAME=\"my-unique-vault-name\"\n    # And login via Azure CLI: az login\n    asyncio.run(manage_certificate())","lang":"python","description":"This quickstart demonstrates how to authenticate with Azure Key Vault using `DefaultAzureCredential` and perform basic operations: creating a self-signed certificate, retrieving it, and then deleting it. Ensure you have an Azure subscription, an existing Azure Key Vault, and are logged into Azure CLI (`az login`) or have appropriate environment variables set for authentication. Replace 'YOUR_KEY_VAULT_NAME' or set the `AZURE_KEYVAULT_NAME` environment variable.","tag":null,"tag_description":null,"last_tested":"2026-04-24","results":[{"runtime":"python:3.10-alpine","exit_code":1},{"runtime":"python:3.10-slim","exit_code":1},{"runtime":"python:3.11-alpine","exit_code":1},{"runtime":"python:3.11-slim","exit_code":1},{"runtime":"python:3.12-alpine","exit_code":1},{"runtime":"python:3.12-slim","exit_code":1},{"runtime":"python:3.13-alpine","exit_code":1},{"runtime":"python:3.13-slim","exit_code":1},{"runtime":"python:3.9-alpine","exit_code":1},{"runtime":"python:3.9-slim","exit_code":1}]}