是否可以从Azure Key Vault密钥中获取私钥?

我在Azure密钥保管库中看到的所有数据加密/解密示例都使用keyVaultClient.DecryptAsync()方法在本地进行加密和在Azure自身内部进行解密.

All of the data encryption/decryption examples I have seen with Azure key Vault do the encryption locally and decryption within Azure itself by using the keyVaultClient.DecryptAsync() method.

我知道这是更安全的，因为私钥永远不会离开Azure并泄漏到您的应用程序代码中，但是，如果我也想在本地进行解密，我该如何取出私钥呢?

I understand that this is more secure as the private key never leaves Azure and leaks into your application code, but what if I want to do the decryption locally as well, how do i get the private key out?

我正在使用keyVaultClient.GetKeyAsync()，但是它似乎只包含公共密钥.

I am using keyVaultClient.GetKeyAsync() but it only seems to contain the public key.

Azure解密中的一个问题是，如果开发人员没有访问Azure的权限，就无法在开发环境中复制它.似乎没有Azure Key Vault的模拟器.

One of the issues I have with the in Azure decryption is that I can't replicate it in development environment without the developer having access to Azure. There does not seem to be an emulator for Azure Key Vault.

看来，实现我想要的唯一方法是使用Azure Key Vault Secret并在其中存储包含公钥/私钥的PFX证书?

It looks like the only way to achieve what I want is by using Azure Key Vault Secret and storing a PFX certificate containing public/private keys in it?