diff --git a/eng/versioning/external_dependencies.txt b/eng/versioning/external_dependencies.txt
index d4cdb3d7ddee9..7c940117163ef 100644
--- a/eng/versioning/external_dependencies.txt
+++ b/eng/versioning/external_dependencies.txt
@@ -218,6 +218,7 @@ commons-cli:commons-cli;1.3
org.assertj:assertj-core;3.22.0
org.bouncycastle:bcprov-jdk15to18;1.76
org.bouncycastle:bcprov-jdk18on;1.76
+org.bouncycastle:bcpkix-lts8on;2.73.3
org.eclipse.jetty:jetty-http;9.4.51.v20230217
org.eclipse.jetty:jetty-server;9.4.51.v20230217
org.eclipse.jetty:jetty-servlet;9.4.51.v20230217
diff --git a/sdk/keyvault/azure-security-keyvault-certificates/CHANGELOG.md b/sdk/keyvault/azure-security-keyvault-certificates/CHANGELOG.md
index 92302a31d4c78..e6db0d219cfd3 100644
--- a/sdk/keyvault/azure-security-keyvault-certificates/CHANGELOG.md
+++ b/sdk/keyvault/azure-security-keyvault-certificates/CHANGELOG.md
@@ -7,6 +7,8 @@
### Breaking Changes
### Bugs Fixed
+- Fixed response code for certificate merging operations from `200` to the correct `201`.
+([#36260]https://github.com/Azure/azure-sdk-for-java/issues/36260))
### Other Changes
diff --git a/sdk/keyvault/azure-security-keyvault-certificates/assets.json b/sdk/keyvault/azure-security-keyvault-certificates/assets.json
index bd03efd00f5e4..a48cfe373eb2b 100644
--- a/sdk/keyvault/azure-security-keyvault-certificates/assets.json
+++ b/sdk/keyvault/azure-security-keyvault-certificates/assets.json
@@ -2,5 +2,5 @@
"AssetsRepo": "Azure/azure-sdk-assets",
"AssetsRepoPrefixPath": "java",
"TagPrefix": "java/keyvault/azure-security-keyvault-certificates",
- "Tag": "java/keyvault/azure-security-keyvault-certificates_90c7b7987b"
+ "Tag": "java/keyvault/azure-security-keyvault-certificates_1e177cf1ed"
}
diff --git a/sdk/keyvault/azure-security-keyvault-certificates/pom.xml b/sdk/keyvault/azure-security-keyvault-certificates/pom.xml
index f35cc2496782a..63aefd66bfdb7 100644
--- a/sdk/keyvault/azure-security-keyvault-certificates/pom.xml
+++ b/sdk/keyvault/azure-security-keyvault-certificates/pom.xml
@@ -44,13 +44,11 @@
-
com.azure
azure-core
1.42.0
-
com.azure
azure-core-http-netty
@@ -64,49 +62,42 @@
5.9.3
test
-
org.junit.jupiter
junit-jupiter-engine
5.9.3
test
-
org.junit.jupiter
junit-jupiter-params
5.9.3
test
-
org.hamcrest
hamcrest-library
2.2
test
-
io.projectreactor
reactor-test
3.4.31
test
-
com.azure
azure-core-test
1.19.0
test
-
com.azure
azure-core-http-okhttp
1.11.12
test
-
com.azure
azure-identity
@@ -119,5 +110,38 @@
4.11.0
test
+
+ org.bouncycastle
+ bcpkix-lts8on
+ 2.73.3
+ test
+
+
+
+
+
+ org.apache.maven.plugins
+ maven-resources-plugin
+ 3.3.0
+
+
+ copy-resources
+ validate
+
+ copy-resources
+
+
+ ${basedir}/target/test-classes
+
+
+ ${basedir}/src/test/resources
+
+
+
+
+
+
+
+
diff --git a/sdk/keyvault/azure-security-keyvault-certificates/src/main/java/com/azure/security/keyvault/certificates/implementation/CertificateClientImpl.java b/sdk/keyvault/azure-security-keyvault-certificates/src/main/java/com/azure/security/keyvault/certificates/implementation/CertificateClientImpl.java
index 777cc493defd3..843bdc4c4e3f6 100644
--- a/sdk/keyvault/azure-security-keyvault-certificates/src/main/java/com/azure/security/keyvault/certificates/implementation/CertificateClientImpl.java
+++ b/sdk/keyvault/azure-security-keyvault-certificates/src/main/java/com/azure/security/keyvault/certificates/implementation/CertificateClientImpl.java
@@ -476,7 +476,7 @@ Mono> importCertificateAsync(@HostParam(
Context context);
@Post("certificates/{certificate-name}/pending/merge")
- @ExpectedResponses({200})
+ @ExpectedResponses({201})
@UnexpectedResponseExceptionType(HttpResponseException.class)
Mono> mergeCertificateAsync(@HostParam("url") String url,
@PathParam("certificate-name") String certificateName,
@@ -858,7 +858,7 @@ Response importCertificate(@HostParam("url") Stri
Context context);
@Post("certificates/{certificate-name}/pending/merge")
- @ExpectedResponses({200})
+ @ExpectedResponses({201})
@UnexpectedResponseExceptionType(HttpResponseException.class)
Response mergeCertificate(@HostParam("url") String url,
@PathParam("certificate-name") String certificateName,
diff --git a/sdk/keyvault/azure-security-keyvault-certificates/src/test/java/com/azure/security/keyvault/certificates/CertificateAsyncClientTest.java b/sdk/keyvault/azure-security-keyvault-certificates/src/test/java/com/azure/security/keyvault/certificates/CertificateAsyncClientTest.java
index a55fb7244cad5..b17226286ce34 100644
--- a/sdk/keyvault/azure-security-keyvault-certificates/src/test/java/com/azure/security/keyvault/certificates/CertificateAsyncClientTest.java
+++ b/sdk/keyvault/azure-security-keyvault-certificates/src/test/java/com/azure/security/keyvault/certificates/CertificateAsyncClientTest.java
@@ -22,17 +22,38 @@
import com.azure.security.keyvault.certificates.models.DeletedCertificate;
import com.azure.security.keyvault.certificates.models.KeyVaultCertificateWithPolicy;
import com.azure.security.keyvault.certificates.models.MergeCertificateOptions;
+import org.bouncycastle.asn1.x500.X500Name;
+import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
+import org.bouncycastle.asn1.x509.Certificate;
+import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
+import org.bouncycastle.cert.X509v3CertificateBuilder;
+import org.bouncycastle.crypto.params.AsymmetricKeyParameter;
+import org.bouncycastle.crypto.util.PrivateKeyFactory;
+import org.bouncycastle.operator.ContentSigner;
+import org.bouncycastle.operator.DefaultDigestAlgorithmIdentifierFinder;
+import org.bouncycastle.operator.DefaultSignatureAlgorithmIdentifierFinder;
+import org.bouncycastle.operator.OperatorCreationException;
+import org.bouncycastle.operator.bc.BcRSAContentSignerBuilder;
+import org.bouncycastle.pkcs.PKCS10CertificationRequest;
+import org.junit.jupiter.api.condition.DisabledForJreRange;
+import org.junit.jupiter.api.condition.JRE;
import org.junit.jupiter.params.ParameterizedTest;
import org.junit.jupiter.params.provider.MethodSource;
import reactor.core.publisher.Mono;
import reactor.test.StepVerifier;
import java.io.IOException;
+import java.math.BigInteger;
import java.net.HttpURLConnection;
+import java.security.NoSuchAlgorithmException;
+import java.security.PrivateKey;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
+import java.security.spec.InvalidKeySpecException;
import java.time.Duration;
import java.util.Arrays;
+import java.util.Collections;
+import java.util.Date;
import java.util.HashMap;
import java.util.HashSet;
import java.util.List;
@@ -944,7 +965,7 @@ public void importCertificate(HttpClient httpClient, CertificateServiceVersion s
X509Certificate x509Certificate = null;
try {
- x509Certificate = loadCerToX509Certificate(importedCertificate);
+ x509Certificate = loadCerToX509Certificate(importedCertificate.getCer());
} catch (CertificateException | IOException e) {
e.printStackTrace();
fail();
@@ -956,6 +977,71 @@ public void importCertificate(HttpClient httpClient, CertificateServiceVersion s
});
}
+ @ParameterizedTest(name = DISPLAY_NAME_WITH_ARGUMENTS)
+ @MethodSource("getTestParameters")
+ @DisabledForJreRange(min = JRE.JAVA_17) // Access to sun.security.* classes used here is not possible on Java 17+.
+ @SuppressWarnings("ArraysAsListWithZeroOrOneArgument")
+ public void mergeCertificate(HttpClient httpClient, CertificateServiceVersion serviceVersion) {
+ createCertificateAsyncClient(httpClient, serviceVersion);
+
+ String certificateName = testResourceNamer.randomName("testCert", 25);
+ String issuer = "Unknown";
+ String subject = "CN=MyCert";
+
+ StepVerifier.create(certificateAsyncClient.beginCreateCertificate(certificateName,
+ new CertificatePolicy(issuer, subject).setCertificateTransparent(false))
+ .takeUntil(asyncPollResponse ->
+ asyncPollResponse.getStatus() == LongRunningOperationStatus.IN_PROGRESS)
+ .map(asyncPollResponse -> {
+ MergeCertificateOptions mergeCertificateOptions = null;
+
+ try {
+ CertificateOperation certificateOperation = asyncPollResponse.getValue();
+ byte[] certificateSignRequest = certificateOperation.getCsr();
+ PKCS10CertificationRequest pkcs10CertificationRequest =
+ new PKCS10CertificationRequest(certificateSignRequest);
+ byte[] certificateToMerge = FakeCredentialsForTests.FAKE_PEM_CERTIFICATE_FOR_MERGE.getBytes();
+ X509Certificate x509ToMerge = loadCerToX509Certificate(certificateToMerge);
+ PrivateKey privateKey = loadPrivateKey("priv8.der");
+ Date notBefore = new Date();
+ Date notAfter = new Date(notBefore.getTime() + 60 * 86400000L);
+
+ X500Name mergeIssuer = new X500Name(x509ToMerge.getSubjectX500Principal().getName());
+ X500Name mergeSubject = pkcs10CertificationRequest.getSubject();
+ AlgorithmIdentifier signatureAlgorithmIdentifier =
+ new DefaultSignatureAlgorithmIdentifierFinder().find("SHA256withRSA");
+ AlgorithmIdentifier digestAlgorithmIdentifier =
+ new DefaultDigestAlgorithmIdentifierFinder().find(signatureAlgorithmIdentifier);
+ AsymmetricKeyParameter asymmetricKeyParameter = PrivateKeyFactory.createKey(privateKey.getEncoded());
+ SubjectPublicKeyInfo publicKeyInfo = pkcs10CertificationRequest.getSubjectPublicKeyInfo();
+ X509v3CertificateBuilder x509CertificateBuilder =
+ new X509v3CertificateBuilder(mergeIssuer, BigInteger.ONE, notBefore, notAfter, mergeSubject,
+ publicKeyInfo);
+
+ ContentSigner contentSigner =
+ new BcRSAContentSignerBuilder(signatureAlgorithmIdentifier, digestAlgorithmIdentifier)
+ .build(asymmetricKeyParameter);
+
+ Certificate certificate = x509CertificateBuilder.build(contentSigner).toASN1Structure();
+
+ mergeCertificateOptions =
+ new MergeCertificateOptions(certificateName, Collections.singletonList(certificate.getEncoded()));
+ } catch (CertificateException | InvalidKeySpecException | IOException
+ | NoSuchAlgorithmException | OperatorCreationException e) {
+
+ fail(e);
+ }
+
+ return mergeCertificateOptions;
+ })
+ .flatMap(mergeCertificateOptions -> certificateAsyncClient.mergeCertificate(mergeCertificateOptions))
+ .flatMap(mergedCertificate -> certificateAsyncClient.getCertificateOperation(mergedCertificate.getName()))
+ .last())
+ .assertNext(pollResponse ->
+ assertEquals(LongRunningOperationStatus.SUCCESSFULLY_COMPLETED, pollResponse.getStatus()))
+ .verifyComplete();
+ }
+
@ParameterizedTest(name = DISPLAY_NAME_WITH_ARGUMENTS)
@MethodSource("getTestParameters")
@SuppressWarnings("ArraysAsListWithZeroOrOneArgument")
diff --git a/sdk/keyvault/azure-security-keyvault-certificates/src/test/java/com/azure/security/keyvault/certificates/CertificateClientTest.java b/sdk/keyvault/azure-security-keyvault-certificates/src/test/java/com/azure/security/keyvault/certificates/CertificateClientTest.java
index 0c46f4be7fdb2..23e347c8cc47d 100644
--- a/sdk/keyvault/azure-security-keyvault-certificates/src/test/java/com/azure/security/keyvault/certificates/CertificateClientTest.java
+++ b/sdk/keyvault/azure-security-keyvault-certificates/src/test/java/com/azure/security/keyvault/certificates/CertificateClientTest.java
@@ -27,15 +27,36 @@
import com.azure.security.keyvault.certificates.models.KeyVaultCertificate;
import com.azure.security.keyvault.certificates.models.KeyVaultCertificateWithPolicy;
import com.azure.security.keyvault.certificates.models.MergeCertificateOptions;
+import org.bouncycastle.asn1.x500.X500Name;
+import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
+import org.bouncycastle.asn1.x509.Certificate;
+import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
+import org.bouncycastle.cert.X509v3CertificateBuilder;
+import org.bouncycastle.crypto.params.AsymmetricKeyParameter;
+import org.bouncycastle.crypto.util.PrivateKeyFactory;
+import org.bouncycastle.operator.ContentSigner;
+import org.bouncycastle.operator.DefaultDigestAlgorithmIdentifierFinder;
+import org.bouncycastle.operator.DefaultSignatureAlgorithmIdentifierFinder;
+import org.bouncycastle.operator.OperatorCreationException;
+import org.bouncycastle.operator.bc.BcRSAContentSignerBuilder;
+import org.bouncycastle.pkcs.PKCS10CertificationRequest;
+import org.junit.jupiter.api.condition.DisabledForJreRange;
+import org.junit.jupiter.api.condition.JRE;
import org.junit.jupiter.params.ParameterizedTest;
import org.junit.jupiter.params.provider.MethodSource;
import java.io.IOException;
+import java.math.BigInteger;
import java.net.HttpURLConnection;
+import java.security.NoSuchAlgorithmException;
+import java.security.PrivateKey;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
+import java.security.spec.InvalidKeySpecException;
import java.time.Duration;
import java.util.Arrays;
+import java.util.Collections;
+import java.util.Date;
import java.util.HashMap;
import java.util.HashSet;
import java.util.List;
@@ -887,7 +908,7 @@ public void importCertificate(HttpClient httpClient, CertificateServiceVersion s
X509Certificate x509Certificate = null;
try {
- x509Certificate = loadCerToX509Certificate(importedCertificate);
+ x509Certificate = loadCerToX509Certificate(importedCertificate.getCer());
} catch (CertificateException | IOException e) {
e.printStackTrace();
fail();
@@ -898,6 +919,66 @@ public void importCertificate(HttpClient httpClient, CertificateServiceVersion s
});
}
+ @ParameterizedTest(name = DISPLAY_NAME_WITH_ARGUMENTS)
+ @MethodSource("getTestParameters")
+ @DisabledForJreRange(min = JRE.JAVA_17) // Access to sun.security.* classes used here is not possible on Java 17+.
+ @SuppressWarnings("ArraysAsListWithZeroOrOneArgument")
+ public void mergeCertificate(HttpClient httpClient, CertificateServiceVersion serviceVersion) {
+ try {
+ createCertificateClient(httpClient, serviceVersion);
+
+ String certificateName = testResourceNamer.randomName("testCert", 25);
+ String issuer = "Unknown";
+ String subject = "CN=MyCert";
+ SyncPoller createCertificatePoller =
+ certificateClient.beginCreateCertificate(certificateName,
+ new CertificatePolicy(issuer, subject).setCertificateTransparent(false));
+
+ createCertificatePoller.waitUntil(LongRunningOperationStatus.IN_PROGRESS);
+
+ CertificateOperation certificateOperation = createCertificatePoller.poll().getValue();
+ byte[] certificateSignRequest = certificateOperation.getCsr();
+ PKCS10CertificationRequest pkcs10CertificationRequest =
+ new PKCS10CertificationRequest(certificateSignRequest);
+ byte[] certificateToMerge = FakeCredentialsForTests.FAKE_PEM_CERTIFICATE_FOR_MERGE.getBytes();
+ X509Certificate x509ToMerge = loadCerToX509Certificate(certificateToMerge);
+ PrivateKey privateKey = loadPrivateKey("priv8.der");
+ Date notBefore = new Date();
+ Date notAfter = new Date(notBefore.getTime() + 60 * 86400000L);
+
+ X500Name mergeIssuer = new X500Name(x509ToMerge.getSubjectX500Principal().getName());
+ X500Name mergeSubject = pkcs10CertificationRequest.getSubject();
+ AlgorithmIdentifier signatureAlgorithmIdentifier =
+ new DefaultSignatureAlgorithmIdentifierFinder().find("SHA256withRSA");
+ AlgorithmIdentifier digestAlgorithmIdentifier =
+ new DefaultDigestAlgorithmIdentifierFinder().find(signatureAlgorithmIdentifier);
+ AsymmetricKeyParameter asymmetricKeyParameter = PrivateKeyFactory.createKey(privateKey.getEncoded());
+ SubjectPublicKeyInfo publicKeyInfo = pkcs10CertificationRequest.getSubjectPublicKeyInfo();
+ X509v3CertificateBuilder x509CertificateBuilder =
+ new X509v3CertificateBuilder(mergeIssuer, BigInteger.ONE, notBefore, notAfter, mergeSubject,
+ publicKeyInfo);
+
+ ContentSigner contentSigner =
+ new BcRSAContentSignerBuilder(signatureAlgorithmIdentifier, digestAlgorithmIdentifier)
+ .build(asymmetricKeyParameter);
+
+ Certificate certificate = x509CertificateBuilder.build(contentSigner).toASN1Structure();
+
+ MergeCertificateOptions mergeCertificateOptions =
+ new MergeCertificateOptions(certificateName, Collections.singletonList(certificate.getEncoded()));
+
+ certificateClient.mergeCertificate(mergeCertificateOptions);
+
+ PollResponse pollResponse = createCertificatePoller.poll();
+
+ assertEquals(LongRunningOperationStatus.SUCCESSFULLY_COMPLETED, pollResponse.getStatus());
+ } catch (CertificateException | InvalidKeySpecException | IOException
+ | NoSuchAlgorithmException | OperatorCreationException e) {
+
+ fail(e);
+ }
+ }
+
@ParameterizedTest(name = DISPLAY_NAME_WITH_ARGUMENTS)
@MethodSource("getTestParameters")
@SuppressWarnings("ArraysAsListWithZeroOrOneArgument")
diff --git a/sdk/keyvault/azure-security-keyvault-certificates/src/test/java/com/azure/security/keyvault/certificates/CertificateClientTestBase.java b/sdk/keyvault/azure-security-keyvault-certificates/src/test/java/com/azure/security/keyvault/certificates/CertificateClientTestBase.java
index 4664d86163973..45f1f0a888b93 100644
--- a/sdk/keyvault/azure-security-keyvault-certificates/src/test/java/com/azure/security/keyvault/certificates/CertificateClientTestBase.java
+++ b/sdk/keyvault/azure-security-keyvault-certificates/src/test/java/com/azure/security/keyvault/certificates/CertificateClientTestBase.java
@@ -39,19 +39,23 @@
import com.azure.security.keyvault.certificates.models.CertificatePolicyAction;
import com.azure.security.keyvault.certificates.models.ImportCertificateOptions;
import com.azure.security.keyvault.certificates.models.KeyVaultCertificate;
-import com.azure.security.keyvault.certificates.models.KeyVaultCertificateWithPolicy;
import com.azure.security.keyvault.certificates.models.LifetimeAction;
import com.azure.security.keyvault.certificates.models.WellKnownIssuerNames;
import org.junit.jupiter.api.Test;
import org.junit.jupiter.params.provider.Arguments;
-import java.io.BufferedReader;
import java.io.ByteArrayInputStream;
-import java.io.FileReader;
import java.io.IOException;
+import java.nio.file.Files;
+import java.nio.file.Paths;
+import java.security.KeyFactory;
+import java.security.NoSuchAlgorithmException;
+import java.security.PrivateKey;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
+import java.security.spec.InvalidKeySpecException;
+import java.security.spec.PKCS8EncodedKeySpec;
import java.time.Duration;
import java.util.ArrayList;
import java.util.Arrays;
@@ -65,7 +69,8 @@
import java.util.function.Consumer;
import java.util.stream.Stream;
-import static com.azure.security.keyvault.certificates.FakeCredentialInTest.FAKE_CERTIFICATE_CONTENT;
+import static com.azure.security.keyvault.certificates.FakeCredentialsForTests.FAKE_CERTIFICATE;
+import static com.azure.security.keyvault.certificates.FakeCredentialsForTests.FAKE_PEM_CERTIFICATE;
import static org.junit.jupiter.api.Assertions.assertEquals;
import static org.junit.jupiter.api.Assertions.assertNotNull;
import static org.junit.jupiter.api.Assertions.fail;
@@ -485,7 +490,7 @@ void importCertificateRunner(Consumer testRunner) {
tags.put("key", "val");
ImportCertificateOptions importCertificateOptions =
- new ImportCertificateOptions(certificateName, Base64.getDecoder().decode(FAKE_CERTIFICATE_CONTENT))
+ new ImportCertificateOptions(certificateName, Base64.getDecoder().decode(FAKE_CERTIFICATE))
.setPassword(certificatePassword)
.setEnabled(true)
.setTags(tags);
@@ -498,8 +503,7 @@ public abstract void importPemCertificate(HttpClient httpClient, CertificateServ
throws IOException;
void importPemCertificateRunner(Consumer testRunner) throws IOException {
-
- byte[] certificateContent = readCertificate("pemCert.pem");
+ byte[] certificateContent = FAKE_PEM_CERTIFICATE.getBytes();
String certificateName = testResourceNamer.randomName("importCertPem", 25);
HashMap tags = new HashMap<>();
@@ -514,21 +518,19 @@ void importPemCertificateRunner(Consumer testRunner) t
}
@Test
- public abstract void mergeCertificateNotFound(HttpClient httpClient, CertificateServiceVersion serviceVersion);
+ public abstract void mergeCertificate(HttpClient httpClient, CertificateServiceVersion serviceVersion);
- private byte[] readCertificate(String certName) throws IOException {
- String pemPath = getClass().getClassLoader().getResource(certName).getPath();
- StringBuilder pemCert = new StringBuilder();
+ @Test
+ public abstract void mergeCertificateNotFound(HttpClient httpClient, CertificateServiceVersion serviceVersion);
+ protected PrivateKey loadPrivateKey(String filename)
+ throws IOException, NoSuchAlgorithmException, InvalidKeySpecException {
- try (BufferedReader br = new BufferedReader(new FileReader(pemPath))) {
- String line;
+ byte[] keyBytes = Files.readAllBytes(Paths.get("src", "test", "resources", filename));
- while ((line = br.readLine()) != null) {
- pemCert.append(line).append("\n");
- }
- }
+ PKCS8EncodedKeySpec spec = new PKCS8EncodedKeySpec(keyBytes);
+ KeyFactory kf = KeyFactory.getInstance("RSA");
- return pemCert.toString().getBytes();
+ return kf.generatePrivate(spec);
}
@SuppressWarnings("ArraysAsListWithZeroOrOneArgument")
@@ -565,13 +567,12 @@ String toHexString(byte[] x5t) {
return hexString.toString().replace("-", "");
}
- X509Certificate loadCerToX509Certificate(KeyVaultCertificateWithPolicy certificate)
- throws CertificateException, IOException {
+ X509Certificate loadCerToX509Certificate(byte[] certificate) throws CertificateException, IOException {
+ assertNotNull(certificate);
- assertNotNull(certificate.getCer());
-
- ByteArrayInputStream cerStream = new ByteArrayInputStream(certificate.getCer());
+ ByteArrayInputStream cerStream = new ByteArrayInputStream(certificate);
CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509");
+
X509Certificate x509Certificate = (X509Certificate) certificateFactory.generateCertificate(cerStream);
cerStream.close();
diff --git a/sdk/keyvault/azure-security-keyvault-certificates/src/test/java/com/azure/security/keyvault/certificates/FakeCredentialInTest.java b/sdk/keyvault/azure-security-keyvault-certificates/src/test/java/com/azure/security/keyvault/certificates/FakeCredentialInTest.java
deleted file mode 100644
index 8a8e778dadee2..0000000000000
--- a/sdk/keyvault/azure-security-keyvault-certificates/src/test/java/com/azure/security/keyvault/certificates/FakeCredentialInTest.java
+++ /dev/null
@@ -1,64 +0,0 @@
-// Copyright (c) Microsoft Corporation. All rights reserved.
-// Licensed under the MIT License.
-
-package com.azure.security.keyvault.certificates;
-
-/**
- * Fake credential shared in Tests
- */
-public class FakeCredentialInTest {
- /**
- * Fake certificate content
- */
- public static final String FAKE_CERTIFICATE_CONTENT =
- "MIIJUQIBAzCCCRcGCSqGSIb3DQEHAaCCCQgEggkEMIIJADCCA7cGCSqGSIb3DQEH"
- + "BqCCA6gwggOkAgEAMIIDnQYJKoZIhvcNAQcBMBwGCiqGSIb3DQEMAQYwDgQIONsr"
- + "wr1FhuICAggAgIIDcBQWaArZgVr5K8+zccadOCGIC+WzlAx2V88HT6fQcujZItr3"
- + "koiHi7+sdTe3mQncnxqZoNGgx4s6Xh+QIIFdHSAo4EL9uGoFKiprKMHAmiCj9Pcm"
- + "M6stTFYMnzmlAiVLCNogPEobi2pfcQIVbDaVUHdm4EczlBGKyMTZSTkXmxI7Ax9V"
- + "YXucniBpxJ3d0bTHchvHCjqHCLTDCnqyPXTqQH0JpHSYdcq9pxydtoNNgT7NDrKM"
- + "0QtxIvI29+ZlSLZMxB3Mf4qOhn6bmyBakUypK1S8N0b2YPLTjp5+Zmb8W24+1bVm"
- + "gV2p10SFjbt8CacDl3dmRUkwu6C8Cl3QIpgwbMoP8hnJppyaFvIqar9roNNS3seG"
- + "8RDn/Q4DCYWJ6JhA6Z+gDL3BncwE2q9rekkOwo1MwERNhBEtINrXztKogdA/as1o"
- + "O443ZbM/qm5pX9ZPh4Hv8Hzgl0aqlxubsUcEr8SIDNEJ3u91/gDdmHWgabnLZif8"
- + "A7e2TMCqTiCM2nRr3soNUvOqnLHoexAKqsQAvi36VVmdAH1085Q+ISpVseCe3Piq"
- + "PhLsqyfF2Yox+NkI/nOwtg0XhO+mdoAkes03ojctqFXB2ygo/iRH2ng16zGnWes0"
- + "nSp3rcOaoqcE1c85+/QQZZrzVspdnnNhYWWr1IiwyiOctOAovpmU9oDacY+1u9dO"
- + "pnVRr5ibwR1NSlIVl1KPNsYmQoP9hig8lULeVGLQTWEQc8qb55t/Y/RpgNFEs3pi"
- + "Hmd12R9NZMBcrZp3bbSzdS51OicQ6PKRXKESHVMbbsLiR8M62Dxg9ysH0kVEdxjw"
- + "LfdlqAPby/+/L2t62WKkoHq37GtqtVDYAELBsP9tq3AF+ucUB1Gj8vvwEAedJ2Zl"
- + "Q2f9xVTHXr0Ah3JkYsMpAuK0HZzMTVc0ZKXrfocbtvwr4aVwc3zOP+pz1AhqZpkD"
- + "fr23NVkAmV63aIBOr1TSNPCnn7PMlr4rfZ2vzwBKCrfnc+O44IsWNg1N4ZBAKjnh"
- + "ZZjhgxRYC5en7PKVPHAla2R8299RJy7tuiR6qo58UZNdsIJXBbjhytLroZHvdF3r"
- + "mSTxgYli5h9xKAw9c6eqmrmGNRD1dY9bmkgFNwF6C8Yi4RdCZ3C6LNFHhgxMwbXi"
- + "Xl5Mfa7E4ZSOWIeH8I79knxDPDMm4sTRSncbyn8wggVBBgkqhkiG9w0BBwGgggUy"
- + "BIIFLjCCBSowggUmBgsqhkiG9w0BDAoBAqCCBO4wggTqMBwGCiqGSIb3DQEMAQMw"
- + "DgQI4fPTwJwGln0CAggABIIEyE1waejpdCUGBbzwCZhdul9adyBO8futpEZKKlcc"
- + "RnP2iQ82N7P2CE7cXEch8OrC3+qyvyGfqVzNpjOWT1v+uMrqT67enK00/eU/OWxk"
- + "2edizJXUr+usLjojPh1Yu822Ffax3qiZ87Svm9staSNebek6q/2W24KnaDNvqPPT"
- + "vGA4prwpwdn98NHGQou5WQiSsh+VkT49duZxO6/+TWK8I27FnoyCgiKEjr6vvY6a"
- + "x4E3ect4Kz0MZsLKNYd6/BqBRw2UnrKg0yoIYHvP/j/DT8q++cafs9ZSS2eO4ZlC"
- + "5DAshQdXUD6O7fJF+rI5Ao36keWlkz8DKi0kWL32Rzvk56vVbVGIkrGveZ19E5WR"
- + "3kqkFNddO+zZs6tJJeO8Rghylp43mgyivpkzPQ6By9aekn+VgQ5Oqze7gUX74CD0"
- + "onjf5Q5eaOl6ZGdcVlKOXbf/r8libAq7GvGICm1Rfa79/Q1IqvvKFmxd/WZfa1iJ"
- + "OwZwaV53ALhlDejdTU1YS7ZHorFTJGfn4LtHoVkRpZsMnA+ygMZ0+vTTgnGS1GZz"
- + "g7OACuXWla1Dh2yv/UYKpdnhgyAGgCcIIguiRSD/JWxZxiT9sb/t+bN7NLRYpXak"
- + "rYTOi1lHoqCGfZTlzMyZPmo/DfZTdhGXVUYA6puvi+Qv22ub9N01riv2TN9noOkB"
- + "RH67I48dXRrzJi7m2CYG6v8pQmvW4Tg3feIrOF99hHU/YJfOWvQgjiQoyJFlyq8L"
- + "1wwhG4eXQH4bP97ilJHFDWjTzKzbYrhKZadd7SJ2hT6R3NPH9AYyMdsoPaWu9RIE"
- + "g2niz0niFXwUnNQib/deL7PDyFwndsRtp3P405oF4tzMU1Q4mD2IwObM7g4+syFW"
- + "c+2Cy29o0buJrb4jIsIjjUYNB/mzoU7iKXwQ0qhPTHyUbP4XM5jaiEuS48u4hRbh"
- + "k9C5Ti6fvrbeVqN/rcXPvS0h+HCf4Gc8LCXTBME0a1SSnQR10q66GRnuQa2hM+/b"
- + "AxQUTXNYs/p4Np8aGIR6EkXXR0cbcoMHp3+d6h9B8tqlmvTYAFYvlkImeyJaNOpH"
- + "J9E+AbNEugEm1s+GgfQT5XKCThmpg0uNyKFAkjvkXjoS5K4dJwQPtYfM2SYyLjTO"
- + "dEmsjPKR7NcBIR3hx35PIpyHxdqAnb25GakB7GHX1/HJsZCf+NLuUsWkyP6pNy6w"
- + "o9l9BOSSDnUPEV5D/J1h/GZ/hOHcf9WDv06KefKAy77UpnTKSSlHr/PzkfNbtjFf"
- + "6xKPQRWA1WVd3FW2BETdABteX0QcYSZjVRjirWZUOxu2VKv9I4G0PGMjmo6UxCMG"
- + "xFV1qulKn+kPAInoNbgbY2ZaF5q1FAoMQ4nAPG6W79J0xgEkuCiH6F7F7TEHldCO"
- + "ulHWfJja7K27zW2T4ZnQbcpKmHpCns7bAt0198CrYyHfNP4Yyx0uiXBI+Z9hlHvO"
- + "kcs0l5RDV1EWR3jOih7zLr43MPwJ12sXwEMCOjUHYxs0jTZcgmti+wBPs8xuWayh"
- + "J/9pD1DfFxf6lFOCi1op5zPc7U3NNMbU3gXgSolsrMjm0dJH0rfu4+C0cym62EBo"
- + "IGdvyABqS9N96YUu1OreBcCYiTP5Qajn87J8i9zj3aa5lFGJYCS6s8EBeDElMCMG"
- + "CSqGSIb3DQEJFTEWBBTbFJe8LIKzZcXHxz9hFRPuEXeQqTAxMCEwCQYFKw4DAhoF"
- + "AAQUI7HzgLxeU0ExCw7mUkJyWmnUlckECNF1gKFeLQMGAgIIAA==";
-}
diff --git a/sdk/keyvault/azure-security-keyvault-certificates/src/test/java/com/azure/security/keyvault/certificates/FakeCredentialsForTests.java b/sdk/keyvault/azure-security-keyvault-certificates/src/test/java/com/azure/security/keyvault/certificates/FakeCredentialsForTests.java
new file mode 100644
index 0000000000000..67557bb45c07c
--- /dev/null
+++ b/sdk/keyvault/azure-security-keyvault-certificates/src/test/java/com/azure/security/keyvault/certificates/FakeCredentialsForTests.java
@@ -0,0 +1,166 @@
+// Copyright (c) Microsoft Corporation. All rights reserved.
+// Licensed under the MIT License.
+
+package com.azure.security.keyvault.certificates;
+
+/**
+ * Fake credential shared in Tests
+ */
+public class FakeCredentialsForTests {
+ /**
+ * Fake certificate content
+ */
+ public static final String FAKE_CERTIFICATE =
+ "MIIJUQIBAzCCCRcGCSqGSIb3DQEHAaCCCQgEggkEMIIJADCCA7cGCSqGSIb3DQEH"
+ + "BqCCA6gwggOkAgEAMIIDnQYJKoZIhvcNAQcBMBwGCiqGSIb3DQEMAQYwDgQIONsr"
+ + "wr1FhuICAggAgIIDcBQWaArZgVr5K8+zccadOCGIC+WzlAx2V88HT6fQcujZItr3"
+ + "koiHi7+sdTe3mQncnxqZoNGgx4s6Xh+QIIFdHSAo4EL9uGoFKiprKMHAmiCj9Pcm"
+ + "M6stTFYMnzmlAiVLCNogPEobi2pfcQIVbDaVUHdm4EczlBGKyMTZSTkXmxI7Ax9V"
+ + "YXucniBpxJ3d0bTHchvHCjqHCLTDCnqyPXTqQH0JpHSYdcq9pxydtoNNgT7NDrKM"
+ + "0QtxIvI29+ZlSLZMxB3Mf4qOhn6bmyBakUypK1S8N0b2YPLTjp5+Zmb8W24+1bVm"
+ + "gV2p10SFjbt8CacDl3dmRUkwu6C8Cl3QIpgwbMoP8hnJppyaFvIqar9roNNS3seG"
+ + "8RDn/Q4DCYWJ6JhA6Z+gDL3BncwE2q9rekkOwo1MwERNhBEtINrXztKogdA/as1o"
+ + "O443ZbM/qm5pX9ZPh4Hv8Hzgl0aqlxubsUcEr8SIDNEJ3u91/gDdmHWgabnLZif8"
+ + "A7e2TMCqTiCM2nRr3soNUvOqnLHoexAKqsQAvi36VVmdAH1085Q+ISpVseCe3Piq"
+ + "PhLsqyfF2Yox+NkI/nOwtg0XhO+mdoAkes03ojctqFXB2ygo/iRH2ng16zGnWes0"
+ + "nSp3rcOaoqcE1c85+/QQZZrzVspdnnNhYWWr1IiwyiOctOAovpmU9oDacY+1u9dO"
+ + "pnVRr5ibwR1NSlIVl1KPNsYmQoP9hig8lULeVGLQTWEQc8qb55t/Y/RpgNFEs3pi"
+ + "Hmd12R9NZMBcrZp3bbSzdS51OicQ6PKRXKESHVMbbsLiR8M62Dxg9ysH0kVEdxjw"
+ + "LfdlqAPby/+/L2t62WKkoHq37GtqtVDYAELBsP9tq3AF+ucUB1Gj8vvwEAedJ2Zl"
+ + "Q2f9xVTHXr0Ah3JkYsMpAuK0HZzMTVc0ZKXrfocbtvwr4aVwc3zOP+pz1AhqZpkD"
+ + "fr23NVkAmV63aIBOr1TSNPCnn7PMlr4rfZ2vzwBKCrfnc+O44IsWNg1N4ZBAKjnh"
+ + "ZZjhgxRYC5en7PKVPHAla2R8299RJy7tuiR6qo58UZNdsIJXBbjhytLroZHvdF3r"
+ + "mSTxgYli5h9xKAw9c6eqmrmGNRD1dY9bmkgFNwF6C8Yi4RdCZ3C6LNFHhgxMwbXi"
+ + "Xl5Mfa7E4ZSOWIeH8I79knxDPDMm4sTRSncbyn8wggVBBgkqhkiG9w0BBwGgggUy"
+ + "BIIFLjCCBSowggUmBgsqhkiG9w0BDAoBAqCCBO4wggTqMBwGCiqGSIb3DQEMAQMw"
+ + "DgQI4fPTwJwGln0CAggABIIEyE1waejpdCUGBbzwCZhdul9adyBO8futpEZKKlcc"
+ + "RnP2iQ82N7P2CE7cXEch8OrC3+qyvyGfqVzNpjOWT1v+uMrqT67enK00/eU/OWxk"
+ + "2edizJXUr+usLjojPh1Yu822Ffax3qiZ87Svm9staSNebek6q/2W24KnaDNvqPPT"
+ + "vGA4prwpwdn98NHGQou5WQiSsh+VkT49duZxO6/+TWK8I27FnoyCgiKEjr6vvY6a"
+ + "x4E3ect4Kz0MZsLKNYd6/BqBRw2UnrKg0yoIYHvP/j/DT8q++cafs9ZSS2eO4ZlC"
+ + "5DAshQdXUD6O7fJF+rI5Ao36keWlkz8DKi0kWL32Rzvk56vVbVGIkrGveZ19E5WR"
+ + "3kqkFNddO+zZs6tJJeO8Rghylp43mgyivpkzPQ6By9aekn+VgQ5Oqze7gUX74CD0"
+ + "onjf5Q5eaOl6ZGdcVlKOXbf/r8libAq7GvGICm1Rfa79/Q1IqvvKFmxd/WZfa1iJ"
+ + "OwZwaV53ALhlDejdTU1YS7ZHorFTJGfn4LtHoVkRpZsMnA+ygMZ0+vTTgnGS1GZz"
+ + "g7OACuXWla1Dh2yv/UYKpdnhgyAGgCcIIguiRSD/JWxZxiT9sb/t+bN7NLRYpXak"
+ + "rYTOi1lHoqCGfZTlzMyZPmo/DfZTdhGXVUYA6puvi+Qv22ub9N01riv2TN9noOkB"
+ + "RH67I48dXRrzJi7m2CYG6v8pQmvW4Tg3feIrOF99hHU/YJfOWvQgjiQoyJFlyq8L"
+ + "1wwhG4eXQH4bP97ilJHFDWjTzKzbYrhKZadd7SJ2hT6R3NPH9AYyMdsoPaWu9RIE"
+ + "g2niz0niFXwUnNQib/deL7PDyFwndsRtp3P405oF4tzMU1Q4mD2IwObM7g4+syFW"
+ + "c+2Cy29o0buJrb4jIsIjjUYNB/mzoU7iKXwQ0qhPTHyUbP4XM5jaiEuS48u4hRbh"
+ + "k9C5Ti6fvrbeVqN/rcXPvS0h+HCf4Gc8LCXTBME0a1SSnQR10q66GRnuQa2hM+/b"
+ + "AxQUTXNYs/p4Np8aGIR6EkXXR0cbcoMHp3+d6h9B8tqlmvTYAFYvlkImeyJaNOpH"
+ + "J9E+AbNEugEm1s+GgfQT5XKCThmpg0uNyKFAkjvkXjoS5K4dJwQPtYfM2SYyLjTO"
+ + "dEmsjPKR7NcBIR3hx35PIpyHxdqAnb25GakB7GHX1/HJsZCf+NLuUsWkyP6pNy6w"
+ + "o9l9BOSSDnUPEV5D/J1h/GZ/hOHcf9WDv06KefKAy77UpnTKSSlHr/PzkfNbtjFf"
+ + "6xKPQRWA1WVd3FW2BETdABteX0QcYSZjVRjirWZUOxu2VKv9I4G0PGMjmo6UxCMG"
+ + "xFV1qulKn+kPAInoNbgbY2ZaF5q1FAoMQ4nAPG6W79J0xgEkuCiH6F7F7TEHldCO"
+ + "ulHWfJja7K27zW2T4ZnQbcpKmHpCns7bAt0198CrYyHfNP4Yyx0uiXBI+Z9hlHvO"
+ + "kcs0l5RDV1EWR3jOih7zLr43MPwJ12sXwEMCOjUHYxs0jTZcgmti+wBPs8xuWayh"
+ + "J/9pD1DfFxf6lFOCi1op5zPc7U3NNMbU3gXgSolsrMjm0dJH0rfu4+C0cym62EBo"
+ + "IGdvyABqS9N96YUu1OreBcCYiTP5Qajn87J8i9zj3aa5lFGJYCS6s8EBeDElMCMG"
+ + "CSqGSIb3DQEJFTEWBBTbFJe8LIKzZcXHxz9hFRPuEXeQqTAxMCEwCQYFKw4DAhoF"
+ + "AAQUI7HzgLxeU0ExCw7mUkJyWmnUlckECNF1gKFeLQMGAgIIAA==";
+
+ public static final String FAKE_PEM_CERTIFICATE =
+ "-----BEGIN CERTIFICATE-----\n"
+ + "MIIDqzCCApMCFC+MROpib4t03Wqzgkcod1lad6JtMA0GCSqGSIb3DQEBCwUAMIGR\n"
+ + "MQswCQYDVQQGEwJVUzELMAkGA1UECAwCV0ExEDAOBgNVBAcMB1JlZG1vbmQxEjAQ\n"
+ + "BgNVBAoMCU1pY3Jvc29mdDESMBAGA1UECwwJQXp1cmUgU0RLMRIwEAYDVQQDDAlB\n"
+ + "enVyZSBTREsxJzAlBgkqhkiG9w0BCQEWGG9wZW5zb3VyY2VAbWljcm9zb2Z0LmNv\n"
+ + "bTAeFw0yMDAyMTQyMzE3MTZaFw0yNTAyMTIyMzE3MTZaMIGRMQswCQYDVQQGEwJV\n"
+ + "UzELMAkGA1UECAwCV0ExEDAOBgNVBAcMB1JlZG1vbmQxEjAQBgNVBAoMCU1pY3Jv\n"
+ + "c29mdDESMBAGA1UECwwJQXp1cmUgU0RLMRIwEAYDVQQDDAlBenVyZSBTREsxJzAl\n"
+ + "BgkqhkiG9w0BCQEWGG9wZW5zb3VyY2VAbWljcm9zb2Z0LmNvbTCCASIwDQYJKoZI\n"
+ + "hvcNAQEBBQADggEPADCCAQoCggEBANwCTuK0OnFc8UytzzCIB5pUWqWCMZA8kWO1\n"
+ + "Es84wOVupPTZHNDWKI57prj0CB5JP2yU8BkIFjhkV/9wc2KLjKwu7xaJTwBZF/i0\n"
+ + "t8dPBbgiEUmK6xdbJsLXoef/XZ5AmvCKb0mimEMvL8KgeF5OHuZJuYO0zCiRNVtp\n"
+ + "ZYSx2R73qhgy5klDHh346qQd5T+KbsdK3DArilT86QO1GrpBWl1GPvHJ3VZ1OO33\n"
+ + "iFWfyEVgwdAtMAkWXH8Eh1/MpPE8WQk5X5pdVEu+RJLLrVbgr+cnlVzfirSVLRar\n"
+ + "KZROAB3e2x8JdSqylnar/WWK11NERdiKaZr3WxAkceuVkTsKmRkCAwEAATANBgkq\n"
+ + "hkiG9w0BAQsFAAOCAQEAYLfk2dBcW1mJbkVYx80ogDUy/xX3d+uuop2gZwUXuzWY\n"
+ + "I4uXzSEsY37/+NKzOX6PtET3X6xENDW7AuJhTuWmTGZtPB1AjiVKLIgRwugV3Ovr\n"
+ + "1DoPBIvS7iCHGGcsr7tAgYxiVATlIcczCxQG1KPhrrLSUDxkbiyUHpyroExHGBeC\n"
+ + "UflT2BIO+TZ+44aYfO7vuwpu0ajfB6Rs0s/DM+uUTWCfsVvyPenObHz5HF2vxf75\n"
+ + "y8pr3fYKuUvpJ45T0ZjiXyRpkBTDudU3vuYuyAP3PwO6F/ic7Rm9D1uzEI38Va+o\n"
+ + "6CUh4NJnpIZIBs7T+rPwhKrUuM7BEO0CL7VTh37UzA==\n"
+ + "-----END CERTIFICATE-----\n"
+ + "-----BEGIN PRIVATE KEY-----\n"
+ + "MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQDcAk7itDpxXPFM\n"
+ + "rc8wiAeaVFqlgjGQPJFjtRLPOMDlbqT02RzQ1iiOe6a49AgeST9slPAZCBY4ZFf/\n"
+ + "cHNii4ysLu8WiU8AWRf4tLfHTwW4IhFJiusXWybC16Hn/12eQJrwim9JophDLy/C\n"
+ + "oHheTh7mSbmDtMwokTVbaWWEsdke96oYMuZJQx4d+OqkHeU/im7HStwwK4pU/OkD\n"
+ + "tRq6QVpdRj7xyd1WdTjt94hVn8hFYMHQLTAJFlx/BIdfzKTxPFkJOV+aXVRLvkSS\n"
+ + "y61W4K/nJ5Vc34q0lS0WqymUTgAd3tsfCXUqspZ2q/1litdTREXYimma91sQJHHr\n"
+ + "lZE7CpkZAgMBAAECggEAMRfSwoO1BtbWgWXHdezkxWtNTuFebfEWAEnHiLYBVTD7\n"
+ + "XieUZoVjR2gQK/VIWnm9zVzutqc3Th4WBMny9WpuWX2fnEfHeSxoTPcGi1L207/G\n"
+ + "W8LD8tJEM/YqCrrRCR8hc8twSd4eW9+LqMJmGaUVAA4zd1BAvkyou10pahLFgEMZ\n"
+ + "nlYxOzz0KrniNIdQxhwfaXZYUzX5ooJYtgY74vnSOHQhepRt5HY9B7iZ6jm/3ulA\n"
+ + "aJnfNbQ8YDYTS0R+OGv8RXU/jLCm5+TPwx0XFwZ6vRtWwWUUxhLV77Re9GP1xIx9\n"
+ + "VnYm9W3RyOm/KD9keQMTWKT0bLGB8fC6kj2mvbjgAQKBgQDzh5sy7q9RA+GqprC8\n"
+ + "8aUmkaTMXNahPPPJoLOflJ/+QlOt6YZUIn55vmicVsvFzr9hbxdTW7aQS91iAu05\n"
+ + "swEyltsR0my7FXsHZnN4SBct2FimAzMLTWQr10vLLRoSR5CNpUdoXGWFOAa3LKrZ\n"
+ + "aPJEM1hA3h2XDfZ7Gtxjg4ypIQKBgQDnRl9pGwd83MkoxT4CiZvNbvdBg4lXlHcA\n"
+ + "JoZ9OfoOey+7WRsOFsMvQapXf+JlvixP0ldECXZyxifswvfmiR2oqYTeRbITderg\n"
+ + "mwjDjN571Ui0ls5HwCBE+/iZoNmQI5INAPqsQMXwW0rx4YNXHblsJ0qT+3yFNWOF\n"
+ + "m6STMH8Y+QKBgFai8JivB1nICrleMdQWF43gFIPLp2OXPpeFf0GPa1fWGtTtFifK\n"
+ + "WbpP/gFYc4f8pGMyVVcHcqxlAO5EYka7ovpvZqIxfRMVcj5QuVWaN/zMUcVFsBwe\n"
+ + "PTvHjSRL+FF2ejuaCAxdipRZOTJjRqivyDhxF72EB3zcr8pd5PfWLe1hAoGASJRO\n"
+ + "JvcDj4zeWDwmLLewvHTBhb7Y4DJIcjSk6jHCpr7ECQB6vB4qnO73nUQV8aYP0/EH\n"
+ + "z+NEV9qV9vhswd1wAFlKyFKJAxBzaI9e3becrrINghb9n4jM17lXmCbhgBmZoRkY\n"
+ + "kew18itERspl5HYAlc9y2SQIPOm3VNu2dza1/EkCgYEAlTMyL6arbtJJsygzVn8l\n"
+ + "gKHuURwp1cxf6hUuXKJ56xI/I1OZjMidZM0bYSznmK9SGNxlfNbIV8vNhQfiwR6t\n"
+ + "HyGypSRP+h9MS9E66boXyINaOClZqiCn0pI9aiIpl3D6EbT6e7+zKljT0XmZJduK\n"
+ + "BkRGMfUngiT8oVyaMtZWYPM=\n"
+ + "-----END PRIVATE KEY-----";
+
+ public static final String FAKE_PEM_CERTIFICATE_FOR_MERGE =
+ "-----BEGIN CERTIFICATE-----\n"
+ + "MIIDazCCAlOgAwIBAgIUYju9zymmCCF7rCaROzfZs0pNgmkwDQYJKoZIhvcNAQEL\n"
+ + "BQAwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgMClNvbWUtU3RhdGUxITAfBgNVBAoM\n"
+ + "GEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDAeFw0xOTA4MjgyMjU0MTNaFw0xOTA5\n"
+ + "MjcyMjU0MTNaMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIDApTb21lLVN0YXRlMSEw\n"
+ + "HwYDVQQKDBhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwggEiMA0GCSqGSIb3DQEB\n"
+ + "AQUAA4IBDwAwggEKAoIBAQD0YrMz5atoPmTTxLtCO69kM3E97bdjJgyAVZJS9mP3\n"
+ + "HQyHkFNb09eDeAAzcZLR5nYXX7yweowTWVcIe3k9+Z/tUeVrAlOVe2COaIHAUZIh\n"
+ + "jELq/u8257/8MqqbKXhsyrWNAVDyKndDgvbbgxNsUTbMoAe9BCL/5fzowsnPLaCI\n"
+ + "MCYRaQJUySbIoTmKi11hF09CFFSkL9nvfQODFyEde6JHPWrVRse2lioPLJeC9LoU\n"
+ + "GNNZnbqry+UbHp4vORPp6OQTqBTm1ZVWPzCuYuWUmEe27K7zghEJr/Yx0OLq9kI5\n"
+ + "H960CSOkdhsOTcBkORfhivSQnmOn2RnCPIEsUTzjwXNZAgMBAAGjUzBRMB0GA1Ud\n"
+ + "DgQWBBQIAunu6y1BmFSDfFNfTnqFggB0gzAfBgNVHSMEGDAWgBQIAunu6y1BmFSD\n"
+ + "fFNfTnqFggB0gzAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQAr\n"
+ + "+RM7gbqWRXnWJwE/hV/ZI2hXAhDN4RYQ4fWMJfg/E9wcLeqqRtJhXbqpJW08IZWp\n"
+ + "QKcWfrFcfZ3ZxVAi5Ey+iuvD2VeBf9v5RZI4c9JqswS9xG2A1x/BeGcUk1y/q9E5\n"
+ + "4whf5fLSJQVxK+C53yemoHPrBg8zVhLJv5SG7Uw7jcqiQvu2aHGGWPLiO7mmMPtP\n"
+ + "qO/I+6FjXuBpNomTqM897MY3Qzg43rpoCilpOpkRtMHknfhFxt05p+Fn73Fb60ru\n"
+ + "ZsFRA52lsEBxGmI0QmXGjwkUZFwQTXEDUWwId3VJxoHRZwv1gmHfwhkYt+mNWJDa\n"
+ + "mU7AMDzlQRwGC8hpWJRT\n"
+ + "-----END CERTIFICATE-----\n"
+ + "-----BEGIN RSA PRIVATE KEY-----\n"
+ + "MIIEpQIBAAKCAQEA9GKzM+WraD5k08S7QjuvZDNxPe23YyYMgFWSUvZj9x0Mh5BT\n"
+ + "W9PXg3gAM3GS0eZ2F1+8sHqME1lXCHt5Pfmf7VHlawJTlXtgjmiBwFGSIYxC6v7v\n"
+ + "Nue//DKqmyl4bMq1jQFQ8ip3Q4L224MTbFE2zKAHvQQi/+X86MLJzy2giDAmEWkC\n"
+ + "VMkmyKE5iotdYRdPQhRUpC/Z730DgxchHXuiRz1q1UbHtpYqDyyXgvS6FBjTWZ26\n"
+ + "q8vlGx6eLzkT6ejkE6gU5tWVVj8wrmLllJhHtuyu84IRCa/2MdDi6vZCOR/etAkj\n"
+ + "pHYbDk3AZDkX4Yr0kJ5jp9kZwjyBLFE848FzWQIDAQABAoIBAHrhegv5SrOy083r\n"
+ + "mODX0/wFJcam1dRD2HtbC6UtgNxLPfaYKmH85duUJj23uMRUJkLgf6cZJ3+/J1T7\n"
+ + "iN4Ru0mAKWQiGlcKX2WbxMon+dtmhGtW3n90DgPIkiJMuuGxF5Kb+9CYa7mFi4ya\n"
+ + "ntSTDYPcX6e6AcM8KGv9La4/2f0/hQKCN3jZbnQ/GqjnJdxrAV1KV0IMoNPpZmat\n"
+ + "Sa0EZ9eiR57/xAe1OxceEt0nO7hAl+jX7tFEGvaNClKG2OMgZ+oHOxI+s9jW8DyD\n"
+ + "wRJbd0hxUl/KXLxzyeFTBdLxB+SQtlcr4w5khyt3AvlKd4Iveqkq2FBCtfATYitt\n"
+ + "+Ic61IUCgYEA/j4mMdo+qokzACmGJWEquC6yNoUI5aYsHTRVvX0sLpBX7MapIEwM\n"
+ + "zHdvMEFBxw8rs7ll1xELW+dnbIZqj/ou43E3+PSgovdFGOA8kQlPpcIIutTEZQh7\n"
+ + "dlWzvAVZr0iO4xfXY2gFQot41fY4yRy8Q14ayo/VjQK4uKlnGqqlmwsCgYEA9hMc\n"
+ + "FIAYpit7779tKD+O4vEkMoTkIxqSAZUuOZ5qB5UaF4Y/+MIGZUnrjJlGLnoFQmsP\n"
+ + "CVPVMOQKV7yjg0LBadeDHEjESwHJNk0qxPSXWuXGlu01yVkqUehNumSBdnSLBmjR\n"
+ + "jNIxPVEmW9d6+eAzIFiTkwqM9cAuLb75DL++iasCgYEAxhqzNEE0dzl0zfmNF29B\n"
+ + "FEb+glDi/96dnRv8eywf0yCSAmNBwXLAvkmKD/WpRWxixyX9XrlfOntzMTMDsbBl\n"
+ + "/L9pt8kVqiY2Zw3C49h3gVdR6hKD/Z3AZhKdfDJHEbfd7sHTCRgykQmQXFgBI2QK\n"
+ + "pguboJ627atjODB3sGWrqMUCgYEA2QoJ3lsNYqM/8TpaQQGuOaSPVK+5uOyakyLN\n"
+ + "XqzGwGFWXiFfEz2u/m+wfpZCPIQLV4WuAYAbrb+1D6WmYwPiLESVs8DKwY2Vt3tg\n"
+ + "mc9SIC5CdqRKqIkoto264Qf82En6xXB2Q0qxe2+z8ZWhNfv1nDYEE9FeevNCx76F\n"
+ + "VCVbHXkCgYEA4+FD1q6iwl9wsAOKFVo+W044/MhKHDsyIED3YOzeRTAWRl2w/KX0\n"
+ + "c5ty2KecGu0cVXoAv2YUttHsuMZfm/QdosZr9UB4CR2lmzRys3LSx6QzCkZeMb/s\n"
+ + "QOMs6SYCPXggdXCAu9EVf5+TtYQg7aQNTTuYErlyq2g/tk3un8bHTwI=\n"
+ + "-----END RSA PRIVATE KEY-----";
+}
diff --git a/sdk/keyvault/azure-security-keyvault-certificates/src/test/resources/pemCert.pem b/sdk/keyvault/azure-security-keyvault-certificates/src/test/resources/pemCert.pem
deleted file mode 100644
index 1498255cabe8c..0000000000000
--- a/sdk/keyvault/azure-security-keyvault-certificates/src/test/resources/pemCert.pem
+++ /dev/null
@@ -1,50 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIDqzCCApMCFC+MROpib4t03Wqzgkcod1lad6JtMA0GCSqGSIb3DQEBCwUAMIGR
-MQswCQYDVQQGEwJVUzELMAkGA1UECAwCV0ExEDAOBgNVBAcMB1JlZG1vbmQxEjAQ
-BgNVBAoMCU1pY3Jvc29mdDESMBAGA1UECwwJQXp1cmUgU0RLMRIwEAYDVQQDDAlB
-enVyZSBTREsxJzAlBgkqhkiG9w0BCQEWGG9wZW5zb3VyY2VAbWljcm9zb2Z0LmNv
-bTAeFw0yMDAyMTQyMzE3MTZaFw0yNTAyMTIyMzE3MTZaMIGRMQswCQYDVQQGEwJV
-UzELMAkGA1UECAwCV0ExEDAOBgNVBAcMB1JlZG1vbmQxEjAQBgNVBAoMCU1pY3Jv
-c29mdDESMBAGA1UECwwJQXp1cmUgU0RLMRIwEAYDVQQDDAlBenVyZSBTREsxJzAl
-BgkqhkiG9w0BCQEWGG9wZW5zb3VyY2VAbWljcm9zb2Z0LmNvbTCCASIwDQYJKoZI
-hvcNAQEBBQADggEPADCCAQoCggEBANwCTuK0OnFc8UytzzCIB5pUWqWCMZA8kWO1
-Es84wOVupPTZHNDWKI57prj0CB5JP2yU8BkIFjhkV/9wc2KLjKwu7xaJTwBZF/i0
-t8dPBbgiEUmK6xdbJsLXoef/XZ5AmvCKb0mimEMvL8KgeF5OHuZJuYO0zCiRNVtp
-ZYSx2R73qhgy5klDHh346qQd5T+KbsdK3DArilT86QO1GrpBWl1GPvHJ3VZ1OO33
-iFWfyEVgwdAtMAkWXH8Eh1/MpPE8WQk5X5pdVEu+RJLLrVbgr+cnlVzfirSVLRar
-KZROAB3e2x8JdSqylnar/WWK11NERdiKaZr3WxAkceuVkTsKmRkCAwEAATANBgkq
-hkiG9w0BAQsFAAOCAQEAYLfk2dBcW1mJbkVYx80ogDUy/xX3d+uuop2gZwUXuzWY
-I4uXzSEsY37/+NKzOX6PtET3X6xENDW7AuJhTuWmTGZtPB1AjiVKLIgRwugV3Ovr
-1DoPBIvS7iCHGGcsr7tAgYxiVATlIcczCxQG1KPhrrLSUDxkbiyUHpyroExHGBeC
-UflT2BIO+TZ+44aYfO7vuwpu0ajfB6Rs0s/DM+uUTWCfsVvyPenObHz5HF2vxf75
-y8pr3fYKuUvpJ45T0ZjiXyRpkBTDudU3vuYuyAP3PwO6F/ic7Rm9D1uzEI38Va+o
-6CUh4NJnpIZIBs7T+rPwhKrUuM7BEO0CL7VTh37UzA==
------END CERTIFICATE-----
------BEGIN PRIVATE KEY-----
-MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQDcAk7itDpxXPFM
-rc8wiAeaVFqlgjGQPJFjtRLPOMDlbqT02RzQ1iiOe6a49AgeST9slPAZCBY4ZFf/
-cHNii4ysLu8WiU8AWRf4tLfHTwW4IhFJiusXWybC16Hn/12eQJrwim9JophDLy/C
-oHheTh7mSbmDtMwokTVbaWWEsdke96oYMuZJQx4d+OqkHeU/im7HStwwK4pU/OkD
-tRq6QVpdRj7xyd1WdTjt94hVn8hFYMHQLTAJFlx/BIdfzKTxPFkJOV+aXVRLvkSS
-y61W4K/nJ5Vc34q0lS0WqymUTgAd3tsfCXUqspZ2q/1litdTREXYimma91sQJHHr
-lZE7CpkZAgMBAAECggEAMRfSwoO1BtbWgWXHdezkxWtNTuFebfEWAEnHiLYBVTD7
-XieUZoVjR2gQK/VIWnm9zVzutqc3Th4WBMny9WpuWX2fnEfHeSxoTPcGi1L207/G
-W8LD8tJEM/YqCrrRCR8hc8twSd4eW9+LqMJmGaUVAA4zd1BAvkyou10pahLFgEMZ
-nlYxOzz0KrniNIdQxhwfaXZYUzX5ooJYtgY74vnSOHQhepRt5HY9B7iZ6jm/3ulA
-aJnfNbQ8YDYTS0R+OGv8RXU/jLCm5+TPwx0XFwZ6vRtWwWUUxhLV77Re9GP1xIx9
-VnYm9W3RyOm/KD9keQMTWKT0bLGB8fC6kj2mvbjgAQKBgQDzh5sy7q9RA+GqprC8
-8aUmkaTMXNahPPPJoLOflJ/+QlOt6YZUIn55vmicVsvFzr9hbxdTW7aQS91iAu05
-swEyltsR0my7FXsHZnN4SBct2FimAzMLTWQr10vLLRoSR5CNpUdoXGWFOAa3LKrZ
-aPJEM1hA3h2XDfZ7Gtxjg4ypIQKBgQDnRl9pGwd83MkoxT4CiZvNbvdBg4lXlHcA
-JoZ9OfoOey+7WRsOFsMvQapXf+JlvixP0ldECXZyxifswvfmiR2oqYTeRbITderg
-mwjDjN571Ui0ls5HwCBE+/iZoNmQI5INAPqsQMXwW0rx4YNXHblsJ0qT+3yFNWOF
-m6STMH8Y+QKBgFai8JivB1nICrleMdQWF43gFIPLp2OXPpeFf0GPa1fWGtTtFifK
-WbpP/gFYc4f8pGMyVVcHcqxlAO5EYka7ovpvZqIxfRMVcj5QuVWaN/zMUcVFsBwe
-PTvHjSRL+FF2ejuaCAxdipRZOTJjRqivyDhxF72EB3zcr8pd5PfWLe1hAoGASJRO
-JvcDj4zeWDwmLLewvHTBhb7Y4DJIcjSk6jHCpr7ECQB6vB4qnO73nUQV8aYP0/EH
-z+NEV9qV9vhswd1wAFlKyFKJAxBzaI9e3becrrINghb9n4jM17lXmCbhgBmZoRkY
-kew18itERspl5HYAlc9y2SQIPOm3VNu2dza1/EkCgYEAlTMyL6arbtJJsygzVn8l
-gKHuURwp1cxf6hUuXKJ56xI/I1OZjMidZM0bYSznmK9SGNxlfNbIV8vNhQfiwR6t
-HyGypSRP+h9MS9E66boXyINaOClZqiCn0pI9aiIpl3D6EbT6e7+zKljT0XmZJduK
-BkRGMfUngiT8oVyaMtZWYPM=
------END PRIVATE KEY-----
diff --git a/sdk/keyvault/azure-security-keyvault-certificates/src/test/resources/priv8.der b/sdk/keyvault/azure-security-keyvault-certificates/src/test/resources/priv8.der
new file mode 100644
index 0000000000000..6a81a80099bd5
Binary files /dev/null and b/sdk/keyvault/azure-security-keyvault-certificates/src/test/resources/priv8.der differ