com.microsoft.azure.keyvault.models.Attributes Java Examples

private static void validateSecret(SecretBundle secret, String vault, String name, String value, String contentType,
		Attributes attributes) throws Exception {
	String prefix = vault + "/secrets/" + name + "/";
	String id = secret.id();
	Assert.assertTrue( //
			String.format("\"id\" should start with \"%s\", but instead the value is \"%s\".", prefix, id), //
			id.startsWith(prefix));
	Assert.assertEquals(value, secret.value());
	if (contentType != null) {
		Assert.assertEquals(contentType, secret.contentType());
	}
	Assert.assertNotNull("\"created\" should not be null.", secret.attributes().created());
	Assert.assertNotNull("\"updated\" should not be null.", secret.attributes().updated());
	DeletionRecoveryLevel deletionRecoveryLevel = secret.attributes().recoveryLevel();
	Assert.assertNotNull(deletionRecoveryLevel);

	Assert.assertTrue(secret.managed() == null || secret.managed() == false);
}
 

private static void validateRsaKeyBundle(KeyBundle bundle, String vault, String keyName, JsonWebKeyType kty, List<JsonWebKeyOperation> key_ops, Attributes attributes) throws Exception {
    String prefix = vault + "/keys/" + keyName + "/";
    String kid = bundle.key().kid();
    Assert.assertTrue( 
            String.format("\"kid\" should start with \"%s\", but instead the value is \"%s\".", prefix, kid), 
            kid.startsWith(prefix));
    Assert.assertEquals(kty, bundle.key().kty());
    Assert.assertNotNull("\"n\" should not be null.", bundle.key().n());
    Assert.assertNotNull("\"e\" should not be null.", bundle.key().e());
    if (key_ops != null) {
        Assert.assertTrue(key_ops.equals(bundle.key().keyOps()));
    }
    Assert.assertNotNull("\"created\" should not be null.", bundle.attributes().created());
    Assert.assertNotNull("\"updated\" should not be null.", bundle.attributes().updated());
            
    Assert.assertTrue(bundle.managed() == null || bundle.managed() == false);
    Assert.assertTrue(bundle.key().isValid());
}
 

private void checkImportOperation(KeyBundle keyBundle, boolean importToHardware) throws Exception {
    Attributes attribute = new KeyAttributes()
            .withEnabled(true)
            .withExpires(new DateTime().withYear(2050).withMonthOfYear(1))
            .withNotBefore(new DateTime().withYear(2000).withMonthOfYear(1));
    
    Map<String, String> tags = new HashMap<String, String>();
    tags.put("foo", "baz");
    
    JsonWebKey importedJwk = keyBundle.key();
    KeyBundle importResultBundle = keyVaultClient.importKey(
            new ImportKeyRequest
                .Builder(getVaultUri(), KEY_NAME, keyBundle.key())
                    .withHsm(importToHardware)
                    .withAttributes(attribute)
                    .withTags(tags)
                    .build());
    
    validateRsaKeyBundle(importResultBundle, getVaultUri(), KEY_NAME, importToHardware ? JsonWebKeyType.RSA_HSM : JsonWebKeyType.RSA, importedJwk.keyOps(), attribute);
    checkEncryptDecryptSequence(importedJwk, importResultBundle);
    Assert.assertTrue(importResultBundle.key().isValid());
}
 

@Override
public KeyImpl withAttributes(Attributes attributes) {
    if (isInCreateMode()) {
        if (createKeyRequest != null) {
            createKeyRequest.withAttributes(attributes);
        } else {
            importKeyRequest.withAttributes(attributes);
        }
    } else {
        updateKeyRequest.withAttributes(attributes);
    }
    return this;
}
 

protected static void compareAttributes(Attributes expectedAttributes, Attributes actualAttribute) {
	if (expectedAttributes != null) {
		Assert.assertEquals(expectedAttributes.enabled(), actualAttribute.enabled());
		Assert.assertEquals(expectedAttributes.expires(), actualAttribute.expires());
		Assert.assertEquals(expectedAttributes.notBefore(), actualAttribute.notBefore());
	}
}
 

protected static void compareAttributes(Attributes expectedAttributes, Attributes actualAttribute) {
	if (expectedAttributes != null) {
		Assert.assertEquals(expectedAttributes.enabled(), actualAttribute.enabled());
		Assert.assertEquals(expectedAttributes.expires(), actualAttribute.expires());
		Assert.assertEquals(expectedAttributes.notBefore(), actualAttribute.notBefore());
	}
}
 

/**
 * Import a PKCS12 format (which includes the private key) certificate.
 */
@Test
public void certificateUpdateForCertificateOperationsTest() throws Exception {
    String certificateContent = "MIIJOwIBAzCCCPcGCSqGSIb3DQEHAaCCCOgEggjkMIII4DCCBgkGCSqGSIb3DQEHAaCCBfoEggX2MIIF8jCCBe4GCyqGSIb3DQEMCgECoIIE/jCCBPowHAYKKoZIhvcNAQwBAzAOBAj15YH9pOE58AICB9AEggTYLrI+SAru2dBZRQRlJY7XQ3LeLkah2FcRR3dATDshZ2h0IA2oBrkQIdsLyAAWZ32qYR1qkWxLHn9AqXgu27AEbOk35+pITZaiy63YYBkkpR+pDdngZt19Z0PWrGwHEq5z6BHS2GLyyN8SSOCbdzCz7blj3+7IZYoMj4WOPgOm/tQ6U44SFWek46QwN2zeA4i97v7ftNNns27ms52jqfhOvTA9c/wyfZKAY4aKJfYYUmycKjnnRl012ldS2lOkASFt+lu4QCa72IY6ePtRudPCvmzRv2pkLYS6z3cI7omT8nHP3DymNOqLbFqr5O2M1ZYaLC63Q3xt3eVvbcPh3N08D1hHkhz/KDTvkRAQpvrW8ISKmgDdmzN55Pe55xHfSWGB7gPw8sZea57IxFzWHTK2yvTslooWoosmGxanYY2IG/no3EbPOWDKjPZ4ilYJe5JJ2immlxPz+2e2EOCKpDI+7fzQcRz3PTd3BK+budZ8aXX8aW/lOgKS8WmxZoKnOJBNWeTNWQFugmktXfdPHAdxMhjUXqeGQd8wTvZ4EzQNNafovwkI7IV/ZYoa++RGofVR3ZbRSiBNF6TDj/qXFt0wN/CQnsGAmQAGNiN+D4mY7i25dtTu/Jc7OxLdhAUFpHyJpyrYWLfvOiS5WYBeEDHkiPUa/8eZSPA3MXWZR1RiuDvuNqMjct1SSwdXADTtF68l/US1ksU657+XSC+6ly1A/upz+X71+C4Ho6W0751j5ZMT6xKjGh5pee7MVuduxIzXjWIy3YSd0fIT3U0A5NLEvJ9rfkx6JiHjRLx6V1tqsrtT6BsGtmCQR1UCJPLqsKVDvAINx3cPA/CGqr5OX2BGZlAihGmN6n7gv8w4O0k0LPTAe5YefgXN3m9pE867N31GtHVZaJ/UVgDNYS2jused4rw76ZWN41akx2QN0JSeMJqHXqVz6AKfz8ICS/dFnEGyBNpXiMRxrY/QPKi/wONwqsbDxRW7vZRVKs78pBkE0ksaShlZk5GkeayDWC/7Hi/NqUFtIloK9XB3paLxo1DGu5qqaF34jZdktzkXp0uZqpp+FfKZaiovMjt8F7yHCPk+LYpRsU2Cyc9DVoDA6rIgf+uEP4jppgehsxyT0lJHax2t869R2jYdsXwYUXjgwHIV0voj7bJYPGFlFjXOp6ZW86scsHM5xfsGQoK2Fp838VT34SHE1ZXU/puM7rviREHYW72pfpgGZUILQMohuTPnd8tFtAkbrmjLDo+k9xx7HUvgoFTiNNWuq/cRjr70FKNguMMTIrid+HwfmbRoaxENWdLcOTNeascER2a+37UQolKD5ksrPJG6RdNA7O2pzp3micDYRs/+s28cCIxO//J/d4nsgHp6RTuCu4+Jm9k0YTw2Xg75b2cWKrxGnDUgyIlvNPaZTB5QbMid4x44/lE0LLi9kcPQhRgrK07OnnrMgZvVGjt1CLGhKUv7KFc3xV1r1rwKkosxnoG99oCoTQtregcX5rIMjHgkc1IdflGJkZzaWMkYVFOJ4Weynz008i4ddkske5vabZs37Lb8iggUYNBYZyGzalruBgnQyK4fz38Fae4nWYjyildVfgyo/fCePR2ovOfphx9OQJi+M9BoFmPrAg+8ARDZ+R+5yzYuEc9ZoVX7nkp7LTGB3DANBgkrBgEEAYI3EQIxADATBgkqhkiG9w0BCRUxBgQEAQAAADBXBgkqhkiG9w0BCRQxSh5IAGEAOAAwAGQAZgBmADgANgAtAGUAOQA2AGUALQA0ADIAMgA0AC0AYQBhADEAMQAtAGIAZAAxADkANABkADUAYQA2AGIANwA3MF0GCSsGAQQBgjcRATFQHk4ATQBpAGMAcgBvAHMAbwBmAHQAIABTAHQAcgBvAG4AZwAgAEMAcgB5AHAAdABvAGcAcgBhAHAAaABpAGMAIABQAHIAbwB2AGkAZABlAHIwggLPBgkqhkiG9w0BBwagggLAMIICvAIBADCCArUGCSqGSIb3DQEHATAcBgoqhkiG9w0BDAEGMA4ECNX+VL2MxzzWAgIH0ICCAojmRBO+CPfVNUO0s+BVuwhOzikAGNBmQHNChmJ/pyzPbMUbx7tO63eIVSc67iERda2WCEmVwPigaVQkPaumsfp8+L6iV/BMf5RKlyRXcwh0vUdu2Qa7qadD+gFQ2kngf4Dk6vYo2/2HxayuIf6jpwe8vql4ca3ZtWXfuRix2fwgltM0bMz1g59d7x/glTfNqxNlsty0A/rWrPJjNbOPRU2XykLuc3AtlTtYsQ32Zsmu67A7UNBw6tVtkEXlFDqhavEhUEO3dvYqMY+QLxzpZhA0q44ZZ9/ex0X6QAFNK5wuWxCbupHWsgxRwKftrxyszMHsAvNoNcTlqcctee+ecNwTJQa1/MDbnhO6/qHA7cfG1qYDq8Th635vGNMW1w3sVS7l0uEvdayAsBHWTcOC2tlMa5bfHrhY8OEIqj5bN5H9RdFy8G/W239tjDu1OYjBDydiBqzBn8HG1DSj1Pjc0kd/82d4ZU0308KFTC3yGcRad0GnEH0Oi3iEJ9HbriUbfVMbXNHOF+MktWiDVqzndGMKmuJSdfTBKvGFvejAWVO5E4mgLvoaMmbchc3BO7sLeraHnJN5hvMBaLcQI38N86mUfTR8AP6AJ9c2k514KaDLclm4z6J8dMz60nUeo5D3YD09G6BavFHxSvJ8MF0Lu5zOFzEePDRFm9mH8W0N/sFlIaYfD/GWU/w44mQucjaBk95YtqOGRIj58tGDWr8iUdHwaYKGqU24zGeRae9DhFXPzZshV1ZGsBQFRaoYkyLAwdJWIXTi+c37YaC8FRSEnnNmS79Dou1Kc3BvK4EYKAD2KxjtUebrV174gD0Q+9YuJ0GXOTspBvCFd5VT2Rw5zDNrA/J3F5fMCk4wOzAfMAcGBSsOAwIaBBSxgh2xyF+88V4vAffBmZXv8Txt4AQU4O/NX4MjxSodbE7ApNAMIvrtREwCAgfQ";
    String certificatePassword = "123";

    // Set content type to indicate the certificate is PKCS12 format.
    SecretProperties secretProperties = new SecretProperties().withContentType(MIME_PKCS12);
    CertificatePolicy certificatePolicy = new CertificatePolicy().withSecretProperties(secretProperties);

    String vaultUri = getVaultUri();
    String certificateName = "updateCertJava";
    keyVaultClient.importCertificate(
            new ImportCertificateRequest
                .Builder(vaultUri, certificateName, certificateContent)
                .withPassword(certificatePassword)
                .withPolicy(certificatePolicy)
                .build());
    

    Attributes attribute = new CertificateAttributes()
            .withExpires(new DateTime().withYear(2050).withMonthOfYear(1))
            .withNotBefore(new DateTime().withYear(2000).withMonthOfYear(1));
    CertificateBundle updatedCertBundle = keyVaultClient.updateCertificate(
            new UpdateCertificateRequest
                .Builder(vaultUri, certificateName)
                .withAttributes(attribute.withEnabled(false))
                .withTags(sTags)
                .build());
    Assert.assertEquals(attribute.enabled(), updatedCertBundle.attributes().enabled());
    Assert.assertEquals(sTags.toString(), updatedCertBundle.tags().toString());
    
    CertificatePolicy certificatePolicyUpdate = certificatePolicy.withIssuerParameters(new IssuerParameters().withName(ISSUER_SELF));
    CertificatePolicy updatedCertificatePolicy = keyVaultClient.updateCertificatePolicy(
            new UpdateCertificatePolicyRequest
                .Builder(vaultUri, certificateName)
                .withPolicy(certificatePolicyUpdate)
                .build());
    Assert.assertEquals(certificatePolicyUpdate.issuerParameters().name(), updatedCertificatePolicy.issuerParameters().name());

    CertificatePolicy policy = keyVaultClient.getCertificatePolicy(vaultUri, certificateName);
    Assert.assertEquals(certificatePolicyUpdate.issuerParameters().name(), policy.issuerParameters().name());
    
    keyVaultClient.deleteCertificate(getVaultUri(), certificateName);
    pollOnCertificateDeletion(getVaultUri(), certificateName);
    
    keyVaultClient.purgeDeletedCertificate(getVaultUri(), certificateName);
    Thread.sleep(10000);
}
 

/**
 * Import a PKCS12 format (which includes the private key) certificate.
 */
@Test
public void importCertificatePkcs12ForCertificateOperationsTest() throws Exception {
    String certificateContent = "MIIJOwIBAzCCCPcGCSqGSIb3DQEHAaCCCOgEggjkMIII4DCCBgkGCSqGSIb3DQEHAaCCBfoEggX2MIIF8jCCBe4GCyqGSIb3DQEMCgECoIIE/jCCBPowHAYKKoZIhvcNAQwBAzAOBAj15YH9pOE58AICB9AEggTYLrI+SAru2dBZRQRlJY7XQ3LeLkah2FcRR3dATDshZ2h0IA2oBrkQIdsLyAAWZ32qYR1qkWxLHn9AqXgu27AEbOk35+pITZaiy63YYBkkpR+pDdngZt19Z0PWrGwHEq5z6BHS2GLyyN8SSOCbdzCz7blj3+7IZYoMj4WOPgOm/tQ6U44SFWek46QwN2zeA4i97v7ftNNns27ms52jqfhOvTA9c/wyfZKAY4aKJfYYUmycKjnnRl012ldS2lOkASFt+lu4QCa72IY6ePtRudPCvmzRv2pkLYS6z3cI7omT8nHP3DymNOqLbFqr5O2M1ZYaLC63Q3xt3eVvbcPh3N08D1hHkhz/KDTvkRAQpvrW8ISKmgDdmzN55Pe55xHfSWGB7gPw8sZea57IxFzWHTK2yvTslooWoosmGxanYY2IG/no3EbPOWDKjPZ4ilYJe5JJ2immlxPz+2e2EOCKpDI+7fzQcRz3PTd3BK+budZ8aXX8aW/lOgKS8WmxZoKnOJBNWeTNWQFugmktXfdPHAdxMhjUXqeGQd8wTvZ4EzQNNafovwkI7IV/ZYoa++RGofVR3ZbRSiBNF6TDj/qXFt0wN/CQnsGAmQAGNiN+D4mY7i25dtTu/Jc7OxLdhAUFpHyJpyrYWLfvOiS5WYBeEDHkiPUa/8eZSPA3MXWZR1RiuDvuNqMjct1SSwdXADTtF68l/US1ksU657+XSC+6ly1A/upz+X71+C4Ho6W0751j5ZMT6xKjGh5pee7MVuduxIzXjWIy3YSd0fIT3U0A5NLEvJ9rfkx6JiHjRLx6V1tqsrtT6BsGtmCQR1UCJPLqsKVDvAINx3cPA/CGqr5OX2BGZlAihGmN6n7gv8w4O0k0LPTAe5YefgXN3m9pE867N31GtHVZaJ/UVgDNYS2jused4rw76ZWN41akx2QN0JSeMJqHXqVz6AKfz8ICS/dFnEGyBNpXiMRxrY/QPKi/wONwqsbDxRW7vZRVKs78pBkE0ksaShlZk5GkeayDWC/7Hi/NqUFtIloK9XB3paLxo1DGu5qqaF34jZdktzkXp0uZqpp+FfKZaiovMjt8F7yHCPk+LYpRsU2Cyc9DVoDA6rIgf+uEP4jppgehsxyT0lJHax2t869R2jYdsXwYUXjgwHIV0voj7bJYPGFlFjXOp6ZW86scsHM5xfsGQoK2Fp838VT34SHE1ZXU/puM7rviREHYW72pfpgGZUILQMohuTPnd8tFtAkbrmjLDo+k9xx7HUvgoFTiNNWuq/cRjr70FKNguMMTIrid+HwfmbRoaxENWdLcOTNeascER2a+37UQolKD5ksrPJG6RdNA7O2pzp3micDYRs/+s28cCIxO//J/d4nsgHp6RTuCu4+Jm9k0YTw2Xg75b2cWKrxGnDUgyIlvNPaZTB5QbMid4x44/lE0LLi9kcPQhRgrK07OnnrMgZvVGjt1CLGhKUv7KFc3xV1r1rwKkosxnoG99oCoTQtregcX5rIMjHgkc1IdflGJkZzaWMkYVFOJ4Weynz008i4ddkske5vabZs37Lb8iggUYNBYZyGzalruBgnQyK4fz38Fae4nWYjyildVfgyo/fCePR2ovOfphx9OQJi+M9BoFmPrAg+8ARDZ+R+5yzYuEc9ZoVX7nkp7LTGB3DANBgkrBgEEAYI3EQIxADATBgkqhkiG9w0BCRUxBgQEAQAAADBXBgkqhkiG9w0BCRQxSh5IAGEAOAAwAGQAZgBmADgANgAtAGUAOQA2AGUALQA0ADIAMgA0AC0AYQBhADEAMQAtAGIAZAAxADkANABkADUAYQA2AGIANwA3MF0GCSsGAQQBgjcRATFQHk4ATQBpAGMAcgBvAHMAbwBmAHQAIABTAHQAcgBvAG4AZwAgAEMAcgB5AHAAdABvAGcAcgBhAHAAaABpAGMAIABQAHIAbwB2AGkAZABlAHIwggLPBgkqhkiG9w0BBwagggLAMIICvAIBADCCArUGCSqGSIb3DQEHATAcBgoqhkiG9w0BDAEGMA4ECNX+VL2MxzzWAgIH0ICCAojmRBO+CPfVNUO0s+BVuwhOzikAGNBmQHNChmJ/pyzPbMUbx7tO63eIVSc67iERda2WCEmVwPigaVQkPaumsfp8+L6iV/BMf5RKlyRXcwh0vUdu2Qa7qadD+gFQ2kngf4Dk6vYo2/2HxayuIf6jpwe8vql4ca3ZtWXfuRix2fwgltM0bMz1g59d7x/glTfNqxNlsty0A/rWrPJjNbOPRU2XykLuc3AtlTtYsQ32Zsmu67A7UNBw6tVtkEXlFDqhavEhUEO3dvYqMY+QLxzpZhA0q44ZZ9/ex0X6QAFNK5wuWxCbupHWsgxRwKftrxyszMHsAvNoNcTlqcctee+ecNwTJQa1/MDbnhO6/qHA7cfG1qYDq8Th635vGNMW1w3sVS7l0uEvdayAsBHWTcOC2tlMa5bfHrhY8OEIqj5bN5H9RdFy8G/W239tjDu1OYjBDydiBqzBn8HG1DSj1Pjc0kd/82d4ZU0308KFTC3yGcRad0GnEH0Oi3iEJ9HbriUbfVMbXNHOF+MktWiDVqzndGMKmuJSdfTBKvGFvejAWVO5E4mgLvoaMmbchc3BO7sLeraHnJN5hvMBaLcQI38N86mUfTR8AP6AJ9c2k514KaDLclm4z6J8dMz60nUeo5D3YD09G6BavFHxSvJ8MF0Lu5zOFzEePDRFm9mH8W0N/sFlIaYfD/GWU/w44mQucjaBk95YtqOGRIj58tGDWr8iUdHwaYKGqU24zGeRae9DhFXPzZshV1ZGsBQFRaoYkyLAwdJWIXTi+c37YaC8FRSEnnNmS79Dou1Kc3BvK4EYKAD2KxjtUebrV174gD0Q+9YuJ0GXOTspBvCFd5VT2Rw5zDNrA/J3F5fMCk4wOzAfMAcGBSsOAwIaBBSxgh2xyF+88V4vAffBmZXv8Txt4AQU4O/NX4MjxSodbE7ApNAMIvrtREwCAgfQ";
    String certificatePassword = "123";

    // Set content type to indicate the certificate is PKCS12 format.
    SecretProperties secretProperties = new SecretProperties().withContentType(MIME_PKCS12);
    CertificatePolicy certificatePolicy = new CertificatePolicy().withSecretProperties(secretProperties);
    Attributes attribute = new CertificateAttributes().withEnabled(true);

    String vaultUri = getVaultUri();
    String certificateName = "importCertPkcs";
    CertificateBundle certificateBundle = keyVaultClient.importCertificate(
            new ImportCertificateRequest
                .Builder(vaultUri, certificateName, certificateContent)
                .withPassword(certificatePassword)
                .withPolicy(certificatePolicy)
                .withAttributes(attribute)
                .withTags(sTags)
                .build());

    // Validate the certificate bundle created
    validateCertificateBundle(certificateBundle, certificatePolicy);        
    Assert.assertTrue(toHexString(certificateBundle.x509Thumbprint()).equalsIgnoreCase("7cb8b7539d87ba7215357b9b9049dff2d3fa59ba"));
    Assert.assertEquals(attribute.enabled(), certificateBundle.attributes().enabled());
    
    // Load the CER part into X509Certificate object
    X509Certificate x509Certificate = loadCerToX509Certificate(certificateBundle);

    Assert.assertTrue(x509Certificate.getSubjectX500Principal().getName().equals("CN=KeyVaultTest"));
    Assert.assertTrue(x509Certificate.getIssuerX500Principal().getName().equals("CN=Root Agency"));

    // Retrieve the secret backing the certificate
    SecretIdentifier secretIdentifier = certificateBundle.secretIdentifier();
    SecretBundle secret = keyVaultClient.getSecret(secretIdentifier.baseIdentifier());
    Assert.assertTrue(secret.managed());
    
    // Load the secret into a KeyStore
    String secretPassword = "";
    KeyStore keyStore = loadSecretToKeyStore(secret, secretPassword);

    // Validate the certificate and key in the KeyStore
    validateCertificateKeyInKeyStore(keyStore, x509Certificate, secretPassword);

    CertificateBundle deletedCertificateBundle = keyVaultClient.deleteCertificate(getVaultUri(), certificateName);
    pollOnCertificateDeletion(getVaultUri(), certificateName);
    
    try {
        keyVaultClient.getCertificate(deletedCertificateBundle.certificateIdentifier().baseIdentifier());
    } catch (KeyVaultErrorException e) {
        Assert.assertNotNull(e.body().error());
        Assert.assertEquals("CertificateNotFound", e.body().error().code());
    }
    
    keyVaultClient.purgeDeletedCertificate(getVaultUri(), certificateName);
    Thread.sleep(10000);
}
 

@Override
public SecretImpl withAttributes(Attributes attributes) {
    setSecretRequest.withAttributes(attributes);
    updateSecretRequest.withAttributes(attributes);
    return this;
}
 

/**
 * Create a self-signed certificate in PKCS12 format (which includes the
 * private key) certificate.
 * 
 * @throws Exception
 */
@Test
public void createSelfSignedCertificatePkcs12ForCertificateOperationsTest() throws Exception {
    // Set content type to indicate the certificate is PKCS12 format.
    SecretProperties secretProperties = new SecretProperties()
                                    .withContentType(MIME_PKCS12);

    String subjectName = "CN=SelfSignedJavaPkcs12";
    X509CertificateProperties x509Properties = new X509CertificateProperties()
                .withSubject(subjectName)
                .withValidityInMonths(12);

    // Set issuer to "Self"
    IssuerParameters issuerParameters = new IssuerParameters()
                .withName(ISSUER_SELF);

    CertificatePolicy certificatePolicy = new CertificatePolicy()
                .withSecretProperties(secretProperties)
                .withIssuerParameters(issuerParameters)
                .withX509CertificateProperties(x509Properties);

    Attributes attribute = new CertificateAttributes()
            .withEnabled(true)
            .withExpires(new DateTime().withYear(2050).withMonthOfYear(1))
            .withNotBefore(new DateTime().withYear(2000).withMonthOfYear(1));
    
    String vaultUri = getVaultUri();
    String certificateName = "createSelfSignedJavaPkcs12";
    
    CreateCertificateRequest createCertificateRequest = 
            new CreateCertificateRequest
                .Builder(vaultUri, certificateName)
                    .withPolicy(certificatePolicy)
                    .withAttributes(attribute)
                    .withTags(sTags)
                    .build();
    
    CertificateOperation certificateOperation = keyVaultClient.createCertificate(createCertificateRequest);

    Assert.assertNotNull(certificateOperation);
    Assert.assertTrue(certificateOperation.status().equalsIgnoreCase(STATUS_IN_PROGRESS));

    CertificateBundle certificateBundle = pollOnCertificateOperation(certificateOperation);
    validateCertificateBundle(certificateBundle, certificatePolicy);
    compareAttributes(attribute, createCertificateRequest.certificateAttributes());

    // Load the CER part into X509Certificate object
    X509Certificate x509Certificate = loadCerToX509Certificate(certificateBundle);

    Assert.assertTrue(x509Certificate.getSubjectX500Principal().getName().equals(subjectName));
    Assert.assertTrue(x509Certificate.getIssuerX500Principal().getName().equals(subjectName));

    // Retrieve the secret backing the certificate
    SecretIdentifier secretIdentifier = certificateBundle.secretIdentifier();
    SecretBundle secret = keyVaultClient.getSecret(secretIdentifier.baseIdentifier());
    Assert.assertTrue(secret.managed());

    // Retrieve the key backing the certificate
    KeyIdentifier keyIdentifier = certificateBundle.keyIdentifier();
    KeyBundle keyBundle = keyVaultClient.getKey(keyIdentifier.baseIdentifier());
    Assert.assertTrue(keyBundle.managed());
    
    // Load the secret into a KeyStore
    String secretPassword = "";
    KeyStore keyStore = loadSecretToKeyStore(secret, secretPassword);

    // Validate the certificate and key in the KeyStore
    validateCertificateKeyInKeyStore(keyStore, x509Certificate, secretPassword);

    CertificateBundle deletedCertificateBundle = keyVaultClient.deleteCertificate(getVaultUri(), certificateName);
    Assert.assertNotNull(deletedCertificateBundle);
    
    pollOnCertificateDeletion(getVaultUri(), certificateName);
    try {
        keyVaultClient.getCertificate(deletedCertificateBundle.certificateIdentifier().baseIdentifier());
    } catch (KeyVaultErrorException e) {
        Assert.assertNotNull(e.body().error());
        Assert.assertEquals("CertificateNotFound", e.body().error().code());
    }
    
    keyVaultClient.purgeDeletedCertificate(getVaultUri(), certificateName);
    Thread.sleep(20000);
}
 

/**
 * Set the certificate attributes.
 * 
 * @param attributes
 *            The attributes of the certificate.
 * @return the Builder object itself.
 */
public Builder withAttributes(Attributes attributes) {
    this.attributes = (CertificateAttributes) attributes;
    return this;
}
 

/**
 * Set the key attributes value.
 * 
 * @param attributes
 *            the key management attributes value to set
 * @return the Builder object itself.
 */
public Builder withAttributes(Attributes attributes) {
    this.attributes = (KeyAttributes) attributes;
    return this;
}
 

/**
 * Set the attributes value.
 * 
 * @param attributes
 *            The attributes of the certificate.
 * @return the Builder object itself.
 */
public Builder withAttributes(Attributes attributes) {
    this.attributes = (CertificateAttributes) attributes;
    return this;
}
 

/**
 * Set the attributes value.
 * 
 * @param attributes
 *            The attributes of the certificate.
 * @return the Builder object itself.
 */
public Builder withAttributes(Attributes attributes) {
    this.attributes = (CertificateAttributes) attributes;
    return this;
}
 

/**
 * Set the attributes value.
 * 
 * @param attributes
 *            The attributes of the certificate.
 * @return the Builder object itself.
 */
public Builder withAttributes(Attributes attributes) {
    this.attributes = (CertificateAttributes) attributes;
    return this;
}
 

/**
 * Specifies the secret attributes.
 * @param attributes the object attributes managed by Key Vault service
 * @return the next stage of the definition
 */
WithCreate withAttributes(Attributes attributes);
 

/**
 * Set the key attributes value.
 * 
 * @param attributes
 *            the key management attributes value to set
 * @return the Builder object itself.
 */
public Builder withAttributes(Attributes attributes) {
    this.attributes = (KeyAttributes) attributes;
    return this;
}
 

/**
 * Set the attributes value.
 * 
 * @param attributes
 *            The secret management attributes.
 * @return the Builder object itself.
 */
public Builder withAttributes(Attributes attributes) {
    this.attributes = (SecretAttributes) attributes;
    return this;
}
 

/**
 * Set the attributes value.
 * 
 * @param attributes
 *            The secret management attributes.
 * @return the Builder object itself.
 */
public Builder withAttributes(Attributes attributes) {
    this.attributes = (SecretAttributes) attributes;
    return this;
}
 

/**
 * Set the key attributes value.
 * 
 * @param attributes
 *            the key management attributes value to set.
 * @return the Builder object itself.
 */
public Builder withAttributes(Attributes attributes) {
    this.attributes = (KeyAttributes) attributes;
    return this;
}
 

/**
 * Specifies the attributes of the key.
 * @param attributes the object attributes managed by Key Vault service
 * @return the next stage of the update
 */
Update withAttributes(Attributes attributes);
 

/**
 * Specifies the attributes of the key.
 * @param attributes the object attributes managed by Key Vault service
 * @return the next stage of the definition
 */
WithCreate withAttributes(Attributes attributes);
 

/**
 * Specifies the secret attributes.
 * @param attributes the object attributes managed by Key Vault service
 * @return the next stage of the update
 */
Update withAttributes(Attributes attributes);