(C) Export a Certificate's Private Key to Various Formats

Loads a digital certificate and private key from a PFX file (also known as PKCS#12) and exports the private key to various formats: (1) PKCS8 Encrypted, (2) PKCS8 Encrypted PEM, (3) PKCS8 unencrypted, (4) PKCS8 PEM unencrypted, (5) RSA DER unencrypted, (6) RSA PEM unencrypted, (7) XML.

Note: This example requires Chilkat v11.0.0 or greater.

Chilkat C/C++ Library Downloads
MS Visual C/C++ C++ Builder Linux C/C++ Alpine Linux C/C++	MacOS C/C++ iOS C/C++ Android C/C++ MinGW C/C++

#include <C_CkCert.h>
#include <C_CkPrivateKey.h>

void ChilkatSample(void)
    {
    BOOL success;
    HCkCert cert;
    const char *pfxFilename;
    const char *pfxPassword;
    HCkPrivateKey privKey;
    const char *password;
    const char *path;

    success = FALSE;

    cert = CkCert_Create();

    // Load from the PFX file
    pfxFilename = "/Users/chilkat/testData/pfx/chilkat_ssl_pwd_is_test.pfx";
    pfxPassword = "test";

    // A PFX typically contains certificates in the chain of authentication.
    // The Chilkat cert object will choose the certificate w/
    // private key farthest from the root authority cert.
    // To access all the certificates in a PFX, use the 
    // Chilkat certificate store object instead.
    success = CkCert_LoadPfxFile(cert,pfxFilename,pfxPassword);
    if (success == FALSE) {
        printf("%s\n",CkCert_lastErrorText(cert));
        CkCert_Dispose(cert);
        return;
    }

    // Get the private key...
    privKey = CkPrivateKey_Create();
    success = CkCert_GetPrivateKey(cert,privKey);
    if (success == FALSE) {
        printf("%s\n",CkCert_lastErrorText(cert));
        CkCert_Dispose(cert);
        CkPrivateKey_Dispose(privKey);
        return;
    }

    // Export to various formats:

    password = "secret";

    // PKCS8 Encrypted DER
    path = "/Users/chilkat/testData/privkeys/chilkat_pkcs8_enc.der";
    success = CkPrivateKey_SavePkcs8EncryptedFile(privKey,password,path);
    if (success == FALSE) {
        printf("%s\n",CkPrivateKey_lastErrorText(privKey));
        CkCert_Dispose(cert);
        CkPrivateKey_Dispose(privKey);
        return;
    }

    // PKCS8 Encrypted PEM
    path = "/Users/chilkat/testData/privkeys/chilkat_pkcs8_enc.pem";
    success = CkPrivateKey_SavePkcs8EncryptedPemFile(privKey,password,path);
    if (success == FALSE) {
        printf("%s\n",CkPrivateKey_lastErrorText(privKey));
        CkCert_Dispose(cert);
        CkPrivateKey_Dispose(privKey);
        return;
    }

    // PKCS8 Unencrypted DER
    path = "/Users/chilkat/testData/privkeys/chilkat_pkcs8.der";
    success = CkPrivateKey_SavePkcs8File(privKey,path);
    if (success == FALSE) {
        printf("%s\n",CkPrivateKey_lastErrorText(privKey));
        CkCert_Dispose(cert);
        CkPrivateKey_Dispose(privKey);
        return;
    }

    // PKCS8 Unencrypted PEM
    path = "/Users/chilkat/testData/privkeys/chilkat_pkcs8.pem";
    success = CkPrivateKey_SavePkcs8PemFile(privKey,path);
    if (success == FALSE) {
        printf("%s\n",CkPrivateKey_lastErrorText(privKey));
        CkCert_Dispose(cert);
        CkPrivateKey_Dispose(privKey);
        return;
    }

    //  RSA DER (unencrypted)
    path = "/Users/chilkat/testData/privkeys/chilkat_rsa.der";
    success = CkPrivateKey_SavePkcs1File(privKey,path);
    if (success == FALSE) {
        printf("%s\n",CkPrivateKey_lastErrorText(privKey));
        CkCert_Dispose(cert);
        CkPrivateKey_Dispose(privKey);
        return;
    }

    // RSA PEM (unencrypted)
    path = "/Users/chilkat/testData/privkeys/chilkat_rsa.pem";
    success = CkPrivateKey_SavePemFile(privKey,path);
    if (success == FALSE) {
        printf("%s\n",CkPrivateKey_lastErrorText(privKey));
        CkCert_Dispose(cert);
        CkPrivateKey_Dispose(privKey);
        return;
    }

    // XML (unencrypted)
    path = "/Users/chilkat/testData/privkeys/chilkat.xml";
    success = CkPrivateKey_SaveXmlFile(privKey,path);
    if (success == FALSE) {
        printf("%s\n",CkPrivateKey_lastErrorText(privKey));
        CkCert_Dispose(cert);
        CkPrivateKey_Dispose(privKey);
        return;
    }

    printf("Private key exported to various formats.\n");


    CkCert_Dispose(cert);
    CkPrivateKey_Dispose(privKey);

    }