Sample code for 30+ languages & platforms
C

Generate a CSR with SAN (Subject Alternative Name) Extension

See more CSR Examples

Demonstrates how to generate a private key and a Certificate Signing Request (CSR) that includes the SAN extension.

Chilkat C Downloads

C
#include <C_CkRsa.h>
#include <C_CkPrivateKey.h>
#include <C_CkCsr.h>
#include <C_CkFileAccess.h>

void ChilkatSample(void)
    {
    BOOL success;
    HCkRsa rsa;
    HCkPrivateKey privKey;
    HCkCsr csr;
    const char *pemStr;
    HCkFileAccess fac;

    success = FALSE;

    //  This requires the Chilkat API to have been previously unlocked.
    //  See Global Unlock Sample for sample code.

    //  First generate an RSA private key.
    //  (It is also possible to create CSRs based on ECDSA private keys..)
    rsa = CkRsa_Create();

    //  Generate a random 2048-bit RSA key.
    privKey = CkPrivateKey_Create();
    success = CkRsa_GenKey(rsa,2048,privKey);
    if (success == FALSE) {
        printf("%s\n",CkRsa_lastErrorText(rsa));
        CkRsa_Dispose(rsa);
        CkPrivateKey_Dispose(privKey);
        return;
    }

    //  Create the CSR object and set properties.
    csr = CkCsr_Create();

    //  Specify the Common Name. 
    CkCsr_putCommonName(csr,"mysubdomain.mydomain.com");

    //  Country Name (2 letter code)
    CkCsr_putCountry(csr,"GB");

    //  State or Province Name (full name)
    CkCsr_putState(csr,"Yorks");

    //  Locality Name (eg, city)
    CkCsr_putLocality(csr,"York");

    //  Organization Name (eg, company)
    CkCsr_putCompany(csr,"Internet Widgits Pty Ltd");

    //  Organizational Unit Name (eg, secion/division)
    CkCsr_putCompanyDivision(csr,"IT");

    //  Email address
    CkCsr_putEmailAddress(csr,"support@mydomain.com");

    //  Add Subject Alternative Names
    //  (The AddSan method is added in Chilkat v9.5.0.84)
    //  Call AddSan for each alternative name.
    success = CkCsr_AddSan(csr,"dnsName","mydomain.com");
    success = CkCsr_AddSan(csr,"dnsName","mysubdomain.mydomain.com");
    success = CkCsr_AddSan(csr,"ipAddress","192.168.0.123");

    //  Create the CSR using the private key.
    pemStr = CkCsr_genCsrPem(csr,privKey);
    if (CkCsr_getLastMethodSuccess(csr) != TRUE) {
        printf("%s\n",CkCsr_lastErrorText(csr));
        CkRsa_Dispose(rsa);
        CkPrivateKey_Dispose(privKey);
        CkCsr_Dispose(csr);
        return;
    }

    //  Save the private key and CSR to a files.
    CkPrivateKey_SavePkcs8EncryptedPemFile(privKey,"password","qa_output/privKey1.pem");

    fac = CkFileAccess_Create();
    CkFileAccess_WriteEntireTextFile(fac,"qa_output/csr1.pem",pemStr,"utf-8",FALSE);

    //  Show the CSR.
    printf("%s\n",pemStr);

    //  Sample output:

    //  	-----BEGIN CERTIFICATE REQUEST-----
    //  	MIIC6jCCAdICAQAwgaQxITAfBgNVBAMMGG15c3ViZG9tYWluLm15ZG9tYWluLmNv
    //  	bTELMAkGA1UEBhMCR0IxDjAMBgNVBAgMBVlvcmtzMQ0wCwYDVQQHDARZb3JrMSEw
    //  	HwYDVQQKDBhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQxCzAJBgNVBAsMAklUMSMw
    //  	IQYJKoZIhvcNAQkBFhRzdXBwb3J0QG15ZG9tYWluLmNvbTCCASIwDQYJKoZIhvcN
    //  	AQEBBQADggEPADCCAQoCggEBALnQ0un/wF8whk+gPuiAlf3qvx14jgAOV6Erm6EB
    //  	H7WACPCpnKcm/8KP+7uoPiwRQaENhMeCgf45vcivl2p6aAn/spLXyEkXyw2d8wFb
    //  	YYAGRkiz4Xf7ASJiKuwcOtORz+sSDzgtdfokHfXU1cYeFE2yQhSdLUY5fMn425+g
    //  	KoEEsRSjSDe6AKru4+4iGNrLKd8pB9IA5/jOE139IkWlB9r5fEPD5bUTsgqXk9eb
    //  	68O0gc712V2eZK07N24lDmFC4bIMTD4csDWocR5hFHXj7NX7c8sOBDcpEb9mPIk4
    //  	elxubnhkfnjhOi4J3lDHcT/0ALnbLhf9LnaiKqs+5VcVZvECAwEAAaAAMA0GCSqG
    //  	SIb3DQEBBQUAA4IBAQC0AETLIcP3foh5nbu2hVFS8uCUNZ5hEIR1eXmYZmZoBQq2
    //  	26ZAoT4CZwixlggC+n7WvAXJ5Pzxpl4wLV4loTiQzaKPX1w0ERo5ZRwLy0n56oG2
    //  	6QG+WTViT1C8rlgtVwkCFNOXr0kSSRs8FdaPllqKxK1hxYSL7zwNpumsk39F2cDt
    //  	vhcekvH0V3BuGrQFm3dKN/0azW6GOod9+Vq4VzSyOe3kp15oxLBsZOFOu/REujcw
    //  	Tzu2jt1asQKUm60CZ9wNHpYepR0Ww40uP1slbehEaFDa6V8b60/tlHHmBbJ4/fy5
    //  	hJnYCvjzFz4O9VtT+JtP9ldRHWV3KpZ8ne3AjD+F
    //  	-----END CERTIFICATE REQUEST-----


    CkRsa_Dispose(rsa);
    CkPrivateKey_Dispose(privKey);
    CkCsr_Dispose(csr);
    CkFileAccess_Dispose(fac);

    }