Description
Query/Question
How to use a certificate received from Azure Key Vault for client authentication under an SSL context.
Why is this not a Bug or a feature Request?
This is a query on how to use a certificate from Key Vault as the client certificate under an SSL context. The error received from the server is as if no client certificate actually got attached under the SSL context.
When the same certificate is used from a resource folder location in the same code, the code works fine.
So, it doesn't seem to be a bug or a new feature request, but more a request for guidance on some missing steps.
Setup (please complete the following information if applicable):
OS: Windows 10
IDE: IntelliJ
Library/Libraries: azure-spring-boot-starter-keyvault-certificates: 3.14.0, azure-identity: 1.13.2, azure-security-keyvault-certificates: 4.6.6
The following code is being used to fetch the cert from Key Vault and use it as the client certificate:
```java
KeyVaultCertificateWithPolicy certificateWithPolicy = certificateClient.getCertificate(certName);
System.out.printf("\nReceived certificate with name \"%s\", "
        + "version %s and secret id %s%n"
        + "expiry date: %s%n"
        + "Issuer: %s%n",
        certificateWithPolicy.getProperties().getName(), certificateWithPolicy.getProperties().getVersion(),
        certificateWithPolicy.getSecretId(),
        certificateWithPolicy.getProperties().getExpiresOn(),
        certificateWithPolicy.getPolicy().getIssuerName());
// getCer() returns the DER-encoded public certificate only (no private key)
byte[] cerContent = certificateWithPolicy.getCer();
SSLConnectionSocketFactory socketFactory = null;
CloseableHttpClient httpClient = null;
try {
    System.out.println(" Inside TRY Block");
    CertificateFactory certFactory = CertificateFactory.getInstance("X.509");
    X509Certificate certificate =
            (X509Certificate) certFactory.generateCertificate(new ByteArrayInputStream(cerContent));
    KeyStore azureKeyVaultKeyStore = KeyStore.getInstance("PKCS12");
    azureKeyVaultKeyStore.load(null, null);
    // stored as a trusted-certificate entry, not as a key entry
    azureKeyVaultKeyStore.setCertificateEntry("<name>", certificate);
    System.out.println(azureKeyVaultKeyStore.isCertificateEntry("<name>"));
    System.out.println(" Cert Loaded Completed " + certificate.getType() + " Content =" + certificate.getPublicKey());
    SSLContext sslContext = SSLContexts.custom()
            .setKeyStoreType("PKCS12")
            .loadKeyMaterial(azureKeyVaultKeyStore, null)
            .build();
    // allowAll: the HostnameVerifier defined elsewhere in the reporter's code
    SSLConnectionSocketFactory sslConFactory =
            new SSLConnectionSocketFactory(sslContext, allowAll);
    httpClient = HttpClients.custom().setSSLSocketFactory(sslConFactory).build();
    HttpComponentsClientHttpRequestFactory requestFactory = new HttpComponentsClientHttpRequestFactory();
    requestFactory.setHttpClient(httpClient);
    RestTemplate restTemplate = new RestTemplate(requestFactory);
    String sslTest = "https://<URI>";
    String body = "{\"Hello\": 124}";
    HttpHeaders headers = new HttpHeaders();
    headers.set("Accept", "application/json");
    headers.set("Content-Type", "application/json");
    headers.set("Hello", "124");
    HttpEntity<String> request = new HttpEntity<String>(body, headers);
    try {
        ResponseEntity<String> result = restTemplate.postForEntity(sslTest, request, String.class);
        System.out.println(result.getStatusCodeValue() + " Body:" + result.getBody());
    } catch (Exception e) {
        e.printStackTrace();
    }
} catch (Exception e) {
    e.printStackTrace();
}
```
Information Checklist
Kindly make sure that you have added all the following information above and checked off the required fields; otherwise we will treat the issue as an incomplete report.
[ Y ] Query Added
[ Y ] Setup information Added
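For comparison, here is an added example (not code from the issue reporter or from the Azure SDK) of building the SSL context from key material rather than from a certificate-only entry: the private key that client authentication needs is read from the Key Vault secret that shares the certificate's name, loaded as a PKCS12 key store, and checked for a key entry before use. It assumes `azure-security-keyvault-secrets` is on the classpath, that the certificate's content type is the Key Vault default `application/x-pkcs12`, and placeholder values for the vault URL and certificate name.

```java
import com.azure.identity.DefaultAzureCredentialBuilder;
import com.azure.security.keyvault.secrets.SecretClient;
import com.azure.security.keyvault.secrets.SecretClientBuilder;
import org.apache.http.conn.ssl.SSLConnectionSocketFactory;
import org.apache.http.impl.client.CloseableHttpClient;
import org.apache.http.impl.client.HttpClients;
import org.apache.http.ssl.SSLContexts;
import javax.net.ssl.SSLContext;
import java.io.ByteArrayInputStream;
import java.security.KeyStore;
import java.util.Base64;
import java.util.Enumeration;

public class KeyVaultClientAuth {
    static final String VAULT_URL = "https://<vault-name>.vault.azure.net"; // placeholder
    static final String CERT_NAME = "<name>";                                 // placeholder
    // Key Vault exports the PFX without a password: use an empty password, not null.
    static final char[] EMPTY_PASSWORD = new char[0];

    static KeyStore loadKeyStoreFromKeyVault(String vaultUrl, String certName) throws Exception {
        // The private key is stored in the secret named like the certificate; reading it
        // needs the "secrets/get" permission in addition to "certificates/get".
        SecretClient secretClient = new SecretClientBuilder()
                .vaultUrl(vaultUrl)
                .credential(new DefaultAzureCredentialBuilder().build())
                .buildClient();
        byte[] pfx = Base64.getDecoder().decode(secretClient.getSecret(certName).getValue());
        KeyStore keyStore = KeyStore.getInstance("PKCS12");
        keyStore.load(new ByteArrayInputStream(pfx), EMPTY_PASSWORD);
        // Fail early if the store holds no key entry: a certificate-only store cannot do client auth.
        boolean hasKey = false;
        for (Enumeration<String> e = keyStore.aliases(); e.hasMoreElements(); ) {
            hasKey |= keyStore.isKeyEntry(e.nextElement());
        }
        if (!hasKey) {
            throw new IllegalStateException("secret " + certName + " contains no private key entry");
        }
        return keyStore;
    }

    static CloseableHttpClient clientWithKeyVaultCert() throws Exception {
        KeyStore keyStore = loadKeyStoreFromKeyVault(VAULT_URL, CERT_NAME);
        SSLContext sslContext = SSLContexts.custom()
                .loadKeyMaterial(keyStore, EMPTY_PASSWORD) // private key + chain for client auth
                .build();
        // Default hostname verification is kept; no allow-all verifier.
        return HttpClients.custom()
                .setSSLSocketFactory(new SSLConnectionSocketFactory(sslContext))
                .build();
    }
}
```

If the certificate was imported with content type `application/x-pem-file`, the secret value is PEM text instead of a base64 PFX and must be parsed accordingly before loading.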