aiskillstore/azure-keyvault-certificates-rust
skills/sickn33/azure-keyvault-certificates-rust/SKILL.md
Azure Key Vault Certificates SDK for Rust. Use for creating, importing, and managing certificates. Triggers: "keyvault certificates rust", "CertificateClient rust", "create certificate rust", "import certificate rust".
$ install --global
skillsauthnpx skillsauth add aiskillstore/marketplace azure-keyvault-certificates-rustInstall this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.
Security Scan Results
3 of 9 scanners reported clean
Some scanners were skipped, did not run, or reported a non-clean status. Review each row below.
3
Scanners Passed
9
Scanners in report
Clean
TrivyContainer and dependency vulnerability scanner
95%
Clean
SemgrepStatic code analysis for vulnerabilities
95%
Clean
mcp-scan (Snyk)Model Context Protocol security validation
95%
Skipped
Snyk (dep)Open source security scanning
50%
Skipped
Socket.devSupply chain security analysis
50%
Skipped
VirusTotalMulti-engine malware detection
50%
Skipped
CrowdStrikeAdvanced threat intelligence
50%
Skipped
OSV-ScannerOpen Source Vulnerability database check
50%
Skipped
OWASP Dep-Check
50%
Last scanned: Mar 31, 2026, 8:09 AM56.4s2 files scanned
SKILL.md
- name:
- azure-keyvault-certificates-rust
- description:
- |
- Triggers:
- keyvault certificates rust", "CertificateClient rust", "create certificate rust", "import certificate rust".
- package:
- azure_security_keyvault_certificates
Azure Key Vault Certificates SDK for Rust
Client library for Azure Key Vault Certificates — secure storage and management of certificates.
Installation
cargo add azure_security_keyvault_certificates azure_identity
Environment Variables
AZURE_KEYVAULT_URL=https://<vault-name>.vault.azure.net/
Authentication
use azure_identity::DeveloperToolsCredential;
use azure_security_keyvault_certificates::CertificateClient;
let credential = DeveloperToolsCredential::new(None)?;
let client = CertificateClient::new(
"https://<vault-name>.vault.azure.net/",
credential.clone(),
None,
)?;
Core Operations
Get Certificate
use azure_core::base64;
let certificate = client
.get_certificate("certificate-name", None)
.await?
.into_model()?;
println!(
"Thumbprint: {:?}",
certificate.x509_thumbprint.map(base64::encode_url_safe)
);
Create Certificate
use azure_security_keyvault_certificates::models::{
CreateCertificateParameters, CertificatePolicy,
IssuerParameters, X509CertificateProperties,
};
let policy = CertificatePolicy {
issuer_parameters: Some(IssuerParameters {
name: Some("Self".into()),
..Default::default()
}),
x509_certificate_properties: Some(X509CertificateProperties {
subject: Some("CN=example.com".into()),
..Default::default()
}),
..Default::default()
};
let params = CreateCertificateParameters {
certificate_policy: Some(policy),
..Default::default()
};
let operation = client
.create_certificate("cert-name", params.try_into()?, None)
.await?;
Import Certificate
use azure_security_keyvault_certificates::models::ImportCertificateParameters;
let params = ImportCertificateParameters {
base64_encoded_certificate: Some(base64_cert_data),
password: Some("optional-password".into()),
..Default::default()
};
let certificate = client
.import_certificate("cert-name", params.try_into()?, None)
.await?
.into_model()?;
Delete Certificate
client.delete_certificate("certificate-name", None).await?;
List Certificates
use azure_security_keyvault_certificates::ResourceExt;
use futures::TryStreamExt;
let mut pager = client.list_certificate_properties(None)?.into_stream();
while let Some(cert) = pager.try_next().await? {
let name = cert.resource_id()?.name;
println!("Certificate: {}", name);
}
Get Certificate Policy
let policy = client
.get_certificate_policy("certificate-name", None)
.await?
.into_model()?;
Update Certificate Policy
use azure_security_keyvault_certificates::models::UpdateCertificatePolicyParameters;
let params = UpdateCertificatePolicyParameters {
// Update policy properties
..Default::default()
};
client
.update_certificate_policy("cert-name", params.try_into()?, None)
.await?;
Certificate Lifecycle
- Create — generates new certificate with policy
- Import — import existing PFX/PEM certificate
- Get — retrieve certificate (public key only)
- Update — modify certificate properties
- Delete — soft delete (recoverable)
- Purge — permanent deletion
Best Practices
- Use Entra ID auth —
DeveloperToolsCredentialfor dev - Use managed certificates — auto-renewal with supported issuers
- Set proper validity period — balance security and maintenance
- Use certificate policies — define renewal and key properties
- Monitor expiration — set up alerts for expiring certificates
- Enable soft delete — required for production vaults
RBAC Permissions
Assign these Key Vault roles:
Key Vault Certificates Officer— full CRUD on certificatesKey Vault Reader— read certificate metadata
Reference Links
| Resource | Link | |----------|------| | API Reference | https://docs.rs/azure_security_keyvault_certificates | | Source Code | https://github.com/Azure/azure-sdk-for-rust/tree/main/sdk/keyvault/azure_security_keyvault_certificates | | crates.io | https://crates.io/crates/azure_security_keyvault_certificates |
Related Skills
aiskillstore/hig-components-content
development
VerifiedTrustedCommunity
Apple Human Interface Guidelines for content display components. Use this skill when the user asks about charts component, collection view, image view, web view, color well, image well, activity view, lockup, data visualization, content display, displaying images, rendering web content, color pickers, or presenting collections of items in Apple apps. Also use when the user says how should I display charts, what's the best way to show images, should I use a web view, how do I build a grid of items, what component shows media, or how do I present a share sheet. Cross-references: hig-foundations for color/typography/accessibility, hig-patterns for data visualization patterns, hig-components-layout for structural containers, hig-platforms for platform-specific component behavior.
244SKILL.mdUpdated Apr 10, 2026
aiskillstore/helpdesk-automation
tools
VerifiedTrustedCommunity
Automate HelpDesk tasks via Rube MCP (Composio): list tickets, manage views, use canned responses, and configure custom fields. Always search tools first for current schemas.
244SKILL.mdUpdated Apr 10, 2026
aiskillstore/haskell-pro
testing
VerifiedTrustedCommunity
Expert Haskell engineer specializing in advanced type systems, pure functional design, and high-reliability software. Use PROACTIVELY for type-level programming, concurrency, and architecture guidance.
244SKILL.mdUpdated Apr 10, 2026
aiskillstore/graphql
tools
VerifiedTrustedCommunity
GraphQL gives clients exactly the data they need - no more, no less. One endpoint, typed schema, introspection. But the flexibility that makes it powerful also makes it dangerous. Without proper controls, clients can craft queries that bring down your server. This skill covers schema design, resolvers, DataLoader for N+1 prevention, federation for microservices, and client integration with Apollo/urql. Key insight: GraphQL is a contract. The schema is the API documentation. Design it carefully.
244SKILL.mdUpdated Apr 10, 2026