Create Certificate (Tenant)

The Create Certificate operation creates a certificate with the certificate object provided in the body of the post, for the subscription ID specified in the URI.

Request

The Create Certificate request may be specified as follows. Replace <subscription-id> with your subscription ID

Method	Request URI	HTTP Version
POST	`https://tenant-management.contoso.net/subscriptions/<subscription-id>/certificates`	HTTP/1.1

URI Parameters

None.

Request Headers

The following table describes request headers.

Request Header	Description
Content-Type	Required. Set this header to application/xml; charset=utf-8.
Authorization	Required. Specifies the credentials for this request. The value of this header must be set Negotiate <token>.

Request Body

The format for the request body is as follows:

	Copy Code
<SubscriptionCertificate xmlns:i="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://schemas.microsoft.com/windowsazure"> <SubscriptionCertificatePublicKey> MIGJAoGBAK/KPvvWPVO7pTfAkZ GyRpDQvXJzTiIPnAZGHGytDXi/Dfuln8oXr6p9+WLd+I/BlBwCXc91T+3FCXZI0K9uwbwfshD8pQI8BOEN72wLImZF7exRxyCQFQmHDKT1v8i9ICAx+MWrlRZbKKCpS2KHO3sEA6XeorTlrJiXCVZ5r3Q3AgMBAAE= </SubscriptionCertificatePublicKey> <SubscriptionCertificateThumbprint>E76BB7D5E465974CFA49F7CDDAFDCB22EAEF1C27</SubscriptionCertificateThumbprint> <SubscriptionCertificateData> MIIEuzCCA6OgAwIBAgIKbE4lYwABANK6eDANBgkqhkiG9w0BAQUFADAfMR0wGwYDVQQDExRNU0lUIEVudGVycHJpc2UgQ0EgMzAeFw0xMjAyMjQwMzEyMzZaFw0xMzAyMjMwMzEyMzZaMBgxFjAUBgNVBAMTDUdlb3JnZSBNb<<truncated>> </SubscriptionCertificateData> </SubscriptionCertificate>

Copy Code

<SubscriptionCertificate xmlns:i="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://schemas.microsoft.com/windowsazure">
	<SubscriptionCertificatePublicKey>
		MIGJAoGBAK/KPvvWPVO7pTfAkZ
		GyRpDQvXJzTiIPnAZGHGytDXi/Dfuln8oXr6p9+WLd+I/BlBwCXc91T+3FCXZI0K9uwbwfshD8pQI8BOEN72wLImZF7exRxyCQFQmHDKT1v8i9ICAx+MWrlRZbKKCpS2KHO3sEA6XeorTlrJiXCVZ5r3Q3AgMBAAE=
	</SubscriptionCertificatePublicKey>
	<SubscriptionCertificateThumbprint>E76BB7D5E465974CFA49F7CDDAFDCB22EAEF1C27</SubscriptionCertificateThumbprint>
	<SubscriptionCertificateData>
		MIIEuzCCA6OgAwIBAgIKbE4lYwABANK6eDANBgkqhkiG9w0BAQUFADAfMR0wGwYDVQQDExRNU0lUIEVudGVycHJpc2UgQ0EgMzAeFw0xMjAyMjQwMzEyMzZaFw0xMzAyMjMwMzEyMzZaMBgxFjAUBgNVBAMTDUdlb3JnZSBNb<<truncated>> </SubscriptionCertificateData>
</SubscriptionCertificate>

Important
The order of the elements in the request body is significant. If an element is required, it must appear in the XML in the order shown above.

The following table describes the key elements of the request body:

Element Name	Description
SubscriptionCertificatePublicKey	The public key of the subscription certificate
SubscriptionCertificateThumbprint	The thumbprint of the subscription certificate
SubscriptionCertificateData	The subscription certificate raw data
TimeCreated	The time when the certificate was created

Response

The response includes an HTTP status code, a set of response headers, and a response body.

Status Code

The status code is embedded in the response for this operation; if successful, it will be status code 201 (CREATED).

Response Headers

The response for this operation includes the following headers. The response may also include additional standard HTTP headers. All standard headers conform to the HTTP/1.1 protocol specification.

Response Header	Description
None	None

Example

Create a certificate.

	Copy Code
public void CreateCert(string tenantServiceEndpoint, string subscriptionid) { HttpClient httpClient = new HttpClient(); httpClient.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("BASIC", Convert.ToBase64String(UnicodeEncoding.Unicode.GetBytes("TenantPortal:" + password))))); X509Certificate2 cert = new X509Certificate2(@"certificate.cer"); string subscriptionEndpoint = tenantServiceEndpoint + "subscriptions/" + subscriptionid + "/certificates/"; var certInfo = new SubscriptionCertificate() { SubscriptionCertificatePublicKey = Convert.ToBase64String(cert.GetPublicKey()), SubscriptionCertificateThumbprint = cert.Thumbprint, SubscriptionCertificateData = Convert.ToBase64String(cert.GetRawCertData()), }; Console.WriteLine(httpClient.PostAsXmlAsync<SubscriptionCertificate>(subscriptionEndpoint, certInfo).Result.EnsureSuccessStatusCode()); }

Copy Code

public void CreateCert(string tenantServiceEndpoint, string subscriptionid)
{
	HttpClient httpClient = new HttpClient();
	httpClient.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("BASIC", Convert.ToBase64String(UnicodeEncoding.Unicode.GetBytes("TenantPortal:" + password)))));

	X509Certificate2 cert = new X509Certificate2(@"certificate.cer");
	string subscriptionEndpoint = tenantServiceEndpoint + "subscriptions/" + subscriptionid + "/certificates/";
	var certInfo = new SubscriptionCertificate()
	{
		SubscriptionCertificatePublicKey = Convert.ToBase64String(cert.GetPublicKey()),
		SubscriptionCertificateThumbprint = cert.Thumbprint,
		SubscriptionCertificateData = Convert.ToBase64String(cert.GetRawCertData()),
};
	Console.WriteLine(httpClient.PostAsXmlAsync<SubscriptionCertificate>(subscriptionEndpoint, certInfo).Result.EnsureSuccessStatusCode());
}