Sample code for 30+ languages & platforms
Delphi DLL

Export a Certificate's Private Key to Various Formats

See more Certificates Examples

Loads a digital certificate and private key from a PFX file (also known as PKCS#12) and exports the private key to various formats: (1) PKCS8 Encrypted, (2) PKCS8 Encrypted PEM, (3) PKCS8 unencrypted, (4) PKCS8 PEM unencrypted, (5) RSA DER unencrypted, (6) RSA PEM unencrypted, (7) XML.

Chilkat Delphi DLL Downloads

Delphi DLL
uses
    Winapi.Windows, Winapi.Messages, System.SysUtils, System.Variants, System.Classes, Vcl.Graphics,
    Vcl.Controls, Vcl.Forms, Vcl.Dialogs, Vcl.StdCtrls, Cert, PrivateKey;

...

procedure TForm1.Button1Click(Sender: TObject);
var
success: Boolean;
cert: HCkCert;
pfxFilename: PWideChar;
pfxPassword: PWideChar;
privKey: HCkPrivateKey;
password: PWideChar;
path: PWideChar;

begin
success := False;

cert := CkCert_Create();

// Load from the PFX file
pfxFilename := '/Users/chilkat/testData/pfx/chilkat_ssl_pwd_is_test.pfx';
pfxPassword := 'test';

// A PFX typically contains certificates in the chain of authentication.
// The Chilkat cert object will choose the certificate w/
// private key farthest from the root authority cert.
// To access all the certificates in a PFX, use the 
// Chilkat certificate store object instead.
success := CkCert_LoadPfxFile(cert,pfxFilename,pfxPassword);
if (success = False) then
  begin
    Memo1.Lines.Add(CkCert__lastErrorText(cert));
    Exit;
  end;

// Get the private key...
privKey := CkPrivateKey_Create();
success := CkCert_GetPrivateKey(cert,privKey);
if (success = False) then
  begin
    Memo1.Lines.Add(CkCert__lastErrorText(cert));
    Exit;
  end;

// Export to various formats:

password := 'secret';

// PKCS8 Encrypted DER
path := '/Users/chilkat/testData/privkeys/chilkat_pkcs8_enc.der';
success := CkPrivateKey_SavePkcs8EncryptedFile(privKey,password,path);
if (success = False) then
  begin
    Memo1.Lines.Add(CkPrivateKey__lastErrorText(privKey));
    Exit;
  end;

// PKCS8 Encrypted PEM
path := '/Users/chilkat/testData/privkeys/chilkat_pkcs8_enc.pem';
success := CkPrivateKey_SavePkcs8EncryptedPemFile(privKey,password,path);
if (success = False) then
  begin
    Memo1.Lines.Add(CkPrivateKey__lastErrorText(privKey));
    Exit;
  end;

// PKCS8 Unencrypted DER
path := '/Users/chilkat/testData/privkeys/chilkat_pkcs8.der';
success := CkPrivateKey_SavePkcs8File(privKey,path);
if (success = False) then
  begin
    Memo1.Lines.Add(CkPrivateKey__lastErrorText(privKey));
    Exit;
  end;

// PKCS8 Unencrypted PEM
path := '/Users/chilkat/testData/privkeys/chilkat_pkcs8.pem';
success := CkPrivateKey_SavePkcs8PemFile(privKey,path);
if (success = False) then
  begin
    Memo1.Lines.Add(CkPrivateKey__lastErrorText(privKey));
    Exit;
  end;

//  RSA DER (unencrypted)
path := '/Users/chilkat/testData/privkeys/chilkat_rsa.der';
success := CkPrivateKey_SavePkcs1File(privKey,path);
if (success = False) then
  begin
    Memo1.Lines.Add(CkPrivateKey__lastErrorText(privKey));
    Exit;
  end;

// RSA PEM (unencrypted)
path := '/Users/chilkat/testData/privkeys/chilkat_rsa.pem';
success := CkPrivateKey_SavePemFile(privKey,path);
if (success = False) then
  begin
    Memo1.Lines.Add(CkPrivateKey__lastErrorText(privKey));
    Exit;
  end;

// XML (unencrypted)
path := '/Users/chilkat/testData/privkeys/chilkat.xml';
success := CkPrivateKey_SaveXmlFile(privKey,path);
if (success = False) then
  begin
    Memo1.Lines.Add(CkPrivateKey__lastErrorText(privKey));
    Exit;
  end;

Memo1.Lines.Add('Private key exported to various formats.');

CkCert_Dispose(cert);
CkPrivateKey_Dispose(privKey);

end;