|
Chilkat • HOME • .NET Core C# • Android™ • AutoIt • C • C# • C++ • Chilkat2-Python • CkPython • Classic ASP • DataFlex • Delphi ActiveX • Delphi DLL • Go • Java • Lianja • Mono C# • Node.js • Objective-C • PHP ActiveX • PHP Extension • Perl • PowerBuilder • PowerShell • PureBasic • Ruby • SQL Server • Swift 2 • Swift 3,4,5... • Tcl • Unicode C • Unicode C++ • VB.NET • VBScript • Visual Basic 6.0 • Visual FoxPro • Xojo Plugin
(Classic ASP) Export a Private Key from an MS Storage ProviderDemonstrates how to export a private key from a Microsoft Storage Provider. Note: This example requires Chilkat v9.5.0.83 or greater.
<html> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8"> </head> <body> <% ' This example requires Chilkat v9.5.0.83 or greater. ' We'll export a certificate's private key from the MS storage provider. ' It is assumed the certificate + private key is already installed on the Windows system. ' The export does not remove the key from the Windows storage provider. ' First, let's get a certificate in one of the many ways we can do it. ' (I ran certmgr.msc, opened a certificate, and noted it's thumbprint.) ' For versions of Chilkat < 10.0.0, use CreateObject("Chilkat_9_5_0.Cert") set cert = Server.CreateObject("Chilkat.Cert") success = cert.LoadByThumbprint("ea5a129c1919a52d238ee28d9f3a8f345b768388","hex") If (success = 0) Then Response.Write "<pre>" & Server.HTMLEncode( cert.LastErrorText) & "</pre>" Response.End End If Response.Write "<pre>" & Server.HTMLEncode( "Found: " & cert.SubjectDN) & "</pre>" ' First export the private key the easy way. ' privKey is a Chilkat.PrivateKey Set privKey = cert.ExportPrivateKey() If (cert.LastMethodSuccess = 0) Then Response.Write "<pre>" & Server.HTMLEncode( cert.LastErrorText) & "</pre>" Response.End End If ' OK.. we have the private key. Do whatever we want with it.. ' ------------------------------------------------------------- ' Now let's export in a more roundabout way by getting information about the ' storage provider and key name and then we'll export completely independent ' of the certificate. ' ' Remember: The private key is not contained within the certificate. An X.509 certificate ' embeds the public key, but the counterpart private key is stored elsewhere, such ' as in a .pfx/.p12, or as in this case, in the Windows "protected store", or perhaps on ' a smartcard or hardware token. (But a private key stored on a smartcard or token cannot ' be exported. It must remain on the hardware.) ' storageProvider = cert.CspName keyName = cert.KeyContainerName Response.Write "<pre>" & Server.HTMLEncode( "Information about the certificate's private key:") & "</pre>" Response.Write "<pre>" & Server.HTMLEncode( "Storage Provider: " & storageProvider) & "</pre>" Response.Write "<pre>" & Server.HTMLEncode( "Key Name: " & keyName) & "</pre>" ' Export using just the name of the storage provider and key. ' For versions of Chilkat < 10.0.0, use CreateObject("Chilkat_9_5_0.KeyContainer") set keyCon = Server.CreateObject("Chilkat.KeyContainer") ' For versions of Chilkat < 10.0.0, use CreateObject("Chilkat_9_5_0.PrivateKey") set privKey2 = Server.CreateObject("Chilkat.PrivateKey") silentFlag = 0 success = keyCon.ExportKey(keyName,storageProvider,silentFlag,privKey2) If (success = 0) Then Response.Write "<pre>" & Server.HTMLEncode( keyCon.LastErrorText) & "</pre>" Response.End End If ' OK.. we have the private key in privKey2. Do whatever we want with it.. ' Perhaps we save as encrypted PKCS8 PEM. success = privKey2.SavePkcs8EncryptedPemFile("myPassword","qa_output/privKey2.pem") If (success = 0) Then Response.Write "<pre>" & Server.HTMLEncode( privKey2.LastErrorText) & "</pre>" Response.End End If Response.Write "<pre>" & Server.HTMLEncode( "Success.") & "</pre>" %> </body> </html> |
||||
© 2000-2024 Chilkat Software, Inc. All Rights Reserved.