(MFC) Duplicate openssl pkcs12 –export –in certfile.cer –inkey certfile.key –out certfile.pfx

How to create a PKCS12 (.p12 or .pfx) from a certificate file and private key file: Demonstrates how to duplicate this OpenSSL command:

Duplicate openssl pkcs12 –export –in certfile.cer –inkey certfile.key –out certfile.pfx

Chilkat C/C++ Library Downloads MS Visual C/C++ Libs

See Also: Using MFC CString in Chilkat

#include <CkGlobal.h>
#include <CkPrivateKey.h>
#include <CkCert.h>
#include <CkCertChain.h>
#include <CkPfx.h>

void ChilkatSample(void)
    {
    CkString strOut;

    bool success;

    // The PFX class requires the software to be unlocked..
    CkGlobal global;
    success = global.UnlockBundle("Anything for 30-day trial");
    if (success != true) {
        strOut.append(global.lastErrorText());
        strOut.append("\r\n");
        SetDlgItemText(IDC_EDIT1,strOut.getUnicode());
        return;
    }

    CkPrivateKey pkey;

    // Load the private key from the file.
    // There are several methods for loading private keys from a file:
    //     LoadPkcs8File
    //     LoadRsaDerFile
    //     LoadPemFile
    //     LoadPvkFile
    //     LoadXmlFile
    // In actuality, it doesn't matter which one is called. In all cases
    // Chilkat will automatically recognize the format of the private key
    // file and load it correctly.  Therefore, even if actual contents
    // of the file does not agree with the name of the method, it will still work.
    // The only way it won't work is if it's not actually a private key file
    // (perhaps it is only a public key file), or perhaps the private key
    // file is encrypted and requires a password.  In that case, you would
    // call one of the Chilkat methods to load the encrypted private key file
    // (and these methods include an argument to specify the password).
    success = pkey.LoadPkcs8File("certFile.key");
    if (success != true) {
        strOut.append(pkey.lastErrorText());
        strOut.append("\r\n");
        SetDlgItemText(IDC_EDIT1,strOut.getUnicode());
        return;
    }

    CkCert cert;
    // The LoadFromFile method auto-recognizes the format...
    success = cert.LoadFromFile("certfile.cer");
    if (success != true) {
        strOut.append(cert.lastErrorText());
        strOut.append("\r\n");
        SetDlgItemText(IDC_EDIT1,strOut.getUnicode());
        return;
    }

    // We'll need a cert chain object to create the PKCS12, so get it
    // from the cert.  
    CkCertChain *certChain = 0;
    certChain = cert.GetCertChain();
    if (!cert.get_LastMethodSuccess()) {
        strOut.append(cert.lastErrorText());
        strOut.append("\r\n");
        SetDlgItemText(IDC_EDIT1,strOut.getUnicode());
        return;
    }

    // Create the PFX object, add the cert and private key, and write to a .pfx file.
    CkPfx pfx;

    // The cert(s) are automatically added in the call to AddPrivateKey
    success = pfx.AddPrivateKey(pkey,*certChain);
    if (success != true) {
        strOut.append(pfx.lastErrorText());
        strOut.append("\r\n");
        SetDlgItemText(IDC_EDIT1,strOut.getUnicode());
        return;
    }

    // Write the .pfx to a file.
    const char *password = "myPassword";
    success = pfx.ToFile(password,"certfile.pfx");
    if (success != true) {
        strOut.append(pfx.lastErrorText());
        strOut.append("\r\n");
        SetDlgItemText(IDC_EDIT1,strOut.getUnicode());
        return;
    }

    strOut.append("Success.");
    strOut.append("\r\n");


    SetDlgItemText(IDC_EDIT1,strOut.getUnicode());

    }