Sample code for 30+ languages & platforms
AutoIt

Get Certificates from .p12 / .pfx

See more PFX/P12 Examples

A PKCS12 (.p12 / .pfx) is a container for holding a certificate, its private key, and the certs in the chain of authentication up to and possibly including the root CA cert. A .p12 is not required to contain certain things. It will contain whatever the creator of the .p12 decided to include. It's possible to contain just a private key, just a cert, many certs without private keys, or many certs with many private keys. Usually, a .p12 contains one certificate, its associated private key, and certificates in the chain of authentication.

Chilkat AutoIt Downloads

AutoIt
Local $bSuccess = False

$oPfx = ObjCreate("Chilkat.Pfx")

$bSuccess = $oPfx.LoadPfxFile("qa_data/pfx/test.pfx","pfx_password")
If ($bSuccess = False) Then
    ConsoleWrite($oPfx.LastErrorText & @CRLF)
    Exit
EndIf

; Iterate over the certs contained in the PFX
$oCert = ObjCreate("Chilkat.Cert")
Local $iNumCerts = $oPfx.NumCerts
Local $i = 0
While $i < $iNumCerts

    $oPfx.CertAt($i,$oCert)

    ConsoleWrite("--- " & $i & " ---" & @CRLF)
    ConsoleWrite($oCert.SubjectDN & @CRLF)
    ; Is this a root cert, or self-signed?
    ConsoleWrite("Root: " & $oCert.IsRoot & @CRLF)
    ConsoleWrite("Self-Signed: " & $oCert.SelfSigned & @CRLF)

    ; If this certificate is not the root (self-signed), then get the issuer.
    ; If the issuing certificate is contained in the PFX, then it will be found here..
    If ($oCert.SelfSigned <> True) Then
Local $oIssuer = $oCert.FindIssuer()
        If ($oCert.LastMethodSuccess = False) Then
            ConsoleWrite("Issuer not found." & @CRLF)
        Else
            ConsoleWrite("Issuer: " & $oIssuer.SubjectDN & @CRLF)

        EndIf

    EndIf

    $i = $i + 1
Wend

; Usually, the user certificate is at index 0, its issuer is at index 1, etc. until we get to the root certificate.