DataFlex
AWS KMS Import PFX Key
Imports a certificate's private key from a .pfx file to a new key created in AWS KMS.
Use ChilkatAx-win32.pkg
Procedure Test
    Boolean iSuccess
    Handle hoCert
    Variant vPrivKey
    Handle hoPrivKey
    Variant vJson
    Handle hoJson
    Variant vJsonOut
    Handle hoJsonOut
    String sTemp1

    Move False To iSuccess

    // This example requires the Chilkat API to have been previously unlocked.
    // See Global Unlock Sample for sample code.

    // Note: This example uses a relative file path. You can also specify a full file path, such as "C:/someDir/myCertAndKey.pfx",
    // or a file path that makes sense on non-Windows operating systems.
    Get Create (RefClass(cComChilkatCert)) To hoCert
    If (Not(IsComObjectCreated(hoCert))) Begin
        Send CreateComObject of hoCert
    End
    Get ComLoadPfxFile Of hoCert "qa_data/pfx/myCertAndKey.pfx" "pfx_password" To iSuccess
    If (iSuccess = False) Begin
        Get ComLastErrorText Of hoCert To sTemp1
        Showln sTemp1
        Procedure_Return
    End

    // Get the cert's private key. This is what will be uploaded to AWS KMS.
    Get Create (RefClass(cComChilkatPrivateKey)) To hoPrivKey
    If (Not(IsComObjectCreated(hoPrivKey))) Begin
        Send CreateComObject of hoPrivKey
    End
    Get pvComObject of hoPrivKey to vPrivKey
    Get ComGetPrivateKey Of hoCert vPrivKey To iSuccess
    If (iSuccess = False) Begin
        Get ComLastErrorText Of hoCert To sTemp1
        Showln sTemp1
        Procedure_Return
    End

    // Build the JSON that tells UploadToCloud where and how to create the key.
    // "AWS_ACCESS_KEY" and "AWS_SECRET_KEY" are placeholders. Load the real values at
    // run time from a protected source rather than keeping them in the source file.
    Get Create (RefClass(cComChilkatJsonObject)) To hoJson
    If (Not(IsComObjectCreated(hoJson))) Begin
        Send CreateComObject of hoJson
    End
    Get ComUpdateString Of hoJson "service" "aws-kms" To iSuccess
    Get ComUpdateString Of hoJson "auth.access_key" "AWS_ACCESS_KEY" To iSuccess
    Get ComUpdateString Of hoJson "auth.secret_key" "AWS_SECRET_KEY" To iSuccess
    Get ComUpdateString Of hoJson "auth.region" "us-west-2" To iSuccess
    Get ComUpdateString Of hoJson "description" "Test of uploading existing private key to AWS KMS" To iSuccess

    // Let's add some information about the certificate this key belongs to.
    // This is for informational purposes only, so that we can examine the tags
    // in the AWS KMS console and know the corresponding certificate.
    Get ComUpdateString Of hoJson "tags[0].key" "CertSerial" To iSuccess
    Get ComSerialNumber Of hoCert To sTemp1
    Get ComUpdateString Of hoJson "tags[0].value" sTemp1 To iSuccess
    Get ComUpdateString Of hoJson "tags[1].key" "CertIssuer" To iSuccess
    Get ComIssuerCN Of hoCert To sTemp1
    Get ComUpdateString Of hoJson "tags[1].value" sTemp1 To iSuccess
    Get ComUpdateString Of hoJson "tags[2].key" "CertSubject" To iSuccess
    Get ComSubjectCN Of hoCert To sTemp1
    Get ComUpdateString Of hoJson "tags[2].value" sTemp1 To iSuccess
    Get ComUpdateString Of hoJson "keyUsage" "SIGN_VERIFY" To iSuccess

    // The UploadToCloud method was added in Chilkat v9.5.0.96
    Get Create (RefClass(cComChilkatJsonObject)) To hoJsonOut
    If (Not(IsComObjectCreated(hoJsonOut))) Begin
        Send CreateComObject of hoJsonOut
    End
    Get pvComObject of hoJson to vJson
    Get pvComObject of hoJsonOut to vJsonOut
    Get ComUploadToCloud Of hoPrivKey vJson vJsonOut To iSuccess
    If (iSuccess = False) Begin
        Get ComLastErrorText Of hoPrivKey To sTemp1
        Showln sTemp1
        Procedure_Return
    End

    // When successful, the jsonOut contains information about the private key in AWS KMS.
    // Most importantly, the KeyId.
    Set ComEmitCompact Of hoJsonOut To False
    Get ComEmit Of hoJsonOut To sTemp1
    Showln sTemp1

    // Sample JSON result:
    // {
    //   "AWSAccountId": "954491834127",
    //   "Arn": "arn:aws:kms:us-west-2:954491834127:key/187012e8-008f-4fc7-b100-5efe6146dff2",
    //   "KeySpec": "RSA_4096",
    //   "Description": "Test of uploading existing private key to AWS KMS",
    //   "KeyId": "187012e8-008f-4fc7-b100-5efe6146dff2",
    //   "KeyUsage": "SIGN_VERIFY"
    // }
End_Procedure
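
A consistency check on the JSON result before its KeyId is recorded, as an added Python example that is not part of the original page or of Chilkat's code. The function name `check_upload_result` and the `REQUEST` dictionary are assumptions made for illustration; the sample result and request settings are the ones shown on the page.

```python
import json
import re

# Constructed input: the sample JSON result from the page's comments.
SAMPLE_RESULT = """{
  "AWSAccountId": "954491834127",
  "Arn": "arn:aws:kms:us-west-2:954491834127:key/187012e8-008f-4fc7-b100-5efe6146dff2",
  "KeySpec": "RSA_4096",
  "Description": "Test of uploading existing private key to AWS KMS",
  "KeyId": "187012e8-008f-4fc7-b100-5efe6146dff2",
  "KeyUsage": "SIGN_VERIFY"
}"""

# The settings the page's example puts in the request JSON (assumed dict layout).
REQUEST = {
    "region": "us-west-2",
    "keyUsage": "SIGN_VERIFY",
    "description": "Test of uploading existing private key to AWS KMS",
}

# arn:<partition>:kms:<region>:<12-digit account>:key/<key id>
KMS_KEY_ARN = re.compile(r"^arn:[a-z-]+:kms:([a-z0-9-]+):(\d{12}):key/([A-Za-z0-9-]+)$")


def check_upload_result(result_json, request):
    """Hypothetical helper: return a list of mismatches (empty means consistent)."""
    try:
        out = json.loads(result_json)
    except ValueError as exc:
        return [f"result is not valid JSON: {exc}"]
    if not isinstance(out, dict):
        return ["result is not a JSON object"]
    problems = []
    match = KMS_KEY_ARN.match(str(out.get("Arn", "")))
    if not match:
        problems.append("Arn is missing or is not a KMS key ARN")
    else:
        region, account, key_id = match.groups()
        if region != request["region"]:
            problems.append(f"key is in {region}, expected {request['region']}")
        if account != out.get("AWSAccountId"):
            problems.append("Arn account does not match AWSAccountId")
        if key_id != out.get("KeyId"):
            problems.append("Arn key id does not match KeyId")
    for field, wanted in (("KeyUsage", request["keyUsage"]),
                          ("Description", request["description"])):
        if out.get(field) != wanted:
            problems.append(f"{field} is {out.get(field)!r}, expected {wanted!r}")
    return problems
```

An empty list means the key landed in the requested region with the requested usage, and the ARN, account and KeyId agree with each other.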