C
C
Export a Certificate's Private Key to Various Formats
See more Certificates Examples
Loads a digital certificate and private key from a PFX file (also known as PKCS#12) and exports the private key to various formats: (1) PKCS8 Encrypted, (2) PKCS8 Encrypted PEM, (3) PKCS8 unencrypted, (4) PKCS8 PEM unencrypted, (5) RSA DER unencrypted, (6) RSA PEM unencrypted, (7) XML.Chilkat C Downloads
#include <C_CkCert.h>
#include <C_CkPrivateKey.h>
void ChilkatSample(void)
{
BOOL success;
HCkCert cert;
const char *pfxFilename;
const char *pfxPassword;
HCkPrivateKey privKey;
const char *password;
const char *path;
success = FALSE;
cert = CkCert_Create();
// Load from the PFX file
pfxFilename = "/Users/chilkat/testData/pfx/chilkat_ssl_pwd_is_test.pfx";
pfxPassword = "test";
// A PFX typically contains certificates in the chain of authentication.
// The Chilkat cert object will choose the certificate w/
// private key farthest from the root authority cert.
// To access all the certificates in a PFX, use the
// Chilkat certificate store object instead.
success = CkCert_LoadPfxFile(cert,pfxFilename,pfxPassword);
if (success == FALSE) {
printf("%s\n",CkCert_lastErrorText(cert));
CkCert_Dispose(cert);
return;
}
// Get the private key...
privKey = CkPrivateKey_Create();
success = CkCert_GetPrivateKey(cert,privKey);
if (success == FALSE) {
printf("%s\n",CkCert_lastErrorText(cert));
CkCert_Dispose(cert);
CkPrivateKey_Dispose(privKey);
return;
}
// Export to various formats:
password = "secret";
// PKCS8 Encrypted DER
path = "/Users/chilkat/testData/privkeys/chilkat_pkcs8_enc.der";
success = CkPrivateKey_SavePkcs8EncryptedFile(privKey,password,path);
if (success == FALSE) {
printf("%s\n",CkPrivateKey_lastErrorText(privKey));
CkCert_Dispose(cert);
CkPrivateKey_Dispose(privKey);
return;
}
// PKCS8 Encrypted PEM
path = "/Users/chilkat/testData/privkeys/chilkat_pkcs8_enc.pem";
success = CkPrivateKey_SavePkcs8EncryptedPemFile(privKey,password,path);
if (success == FALSE) {
printf("%s\n",CkPrivateKey_lastErrorText(privKey));
CkCert_Dispose(cert);
CkPrivateKey_Dispose(privKey);
return;
}
// PKCS8 Unencrypted DER
path = "/Users/chilkat/testData/privkeys/chilkat_pkcs8.der";
success = CkPrivateKey_SavePkcs8File(privKey,path);
if (success == FALSE) {
printf("%s\n",CkPrivateKey_lastErrorText(privKey));
CkCert_Dispose(cert);
CkPrivateKey_Dispose(privKey);
return;
}
// PKCS8 Unencrypted PEM
path = "/Users/chilkat/testData/privkeys/chilkat_pkcs8.pem";
success = CkPrivateKey_SavePkcs8PemFile(privKey,path);
if (success == FALSE) {
printf("%s\n",CkPrivateKey_lastErrorText(privKey));
CkCert_Dispose(cert);
CkPrivateKey_Dispose(privKey);
return;
}
// RSA DER (unencrypted)
path = "/Users/chilkat/testData/privkeys/chilkat_rsa.der";
success = CkPrivateKey_SavePkcs1File(privKey,path);
if (success == FALSE) {
printf("%s\n",CkPrivateKey_lastErrorText(privKey));
CkCert_Dispose(cert);
CkPrivateKey_Dispose(privKey);
return;
}
// RSA PEM (unencrypted)
path = "/Users/chilkat/testData/privkeys/chilkat_rsa.pem";
success = CkPrivateKey_SavePemFile(privKey,path);
if (success == FALSE) {
printf("%s\n",CkPrivateKey_lastErrorText(privKey));
CkCert_Dispose(cert);
CkPrivateKey_Dispose(privKey);
return;
}
// XML (unencrypted)
path = "/Users/chilkat/testData/privkeys/chilkat.xml";
success = CkPrivateKey_SaveXmlFile(privKey,path);
if (success == FALSE) {
printf("%s\n",CkPrivateKey_lastErrorText(privKey));
CkCert_Dispose(cert);
CkPrivateKey_Dispose(privKey);
return;
}
printf("Private key exported to various formats.\n");
CkCert_Dispose(cert);
CkPrivateKey_Dispose(privKey);
}