DataFlex
DataFlex
Generate a CSR with SAN (Subject Alternative Name) Extension
See more CSR Examples
Demonstrates how to generate a private key and a Certificate Signing Request (CSR) that includes the SAN extension.Chilkat DataFlex Downloads
Use ChilkatAx-win32.pkg
Procedure Test
Boolean iSuccess
Handle hoRsa
Variant vPrivKey
Handle hoPrivKey
Handle hoCsr
String sPemStr
Handle hoFac
String sTemp1
Boolean bTemp1
Move False To iSuccess
// This requires the Chilkat API to have been previously unlocked.
// See Global Unlock Sample for sample code.
// First generate an RSA private key.
// (It is also possible to create CSRs based on ECDSA private keys..)
Get Create (RefClass(cComChilkatRsa)) To hoRsa
If (Not(IsComObjectCreated(hoRsa))) Begin
Send CreateComObject of hoRsa
End
// Generate a random 2048-bit RSA key.
Get Create (RefClass(cComChilkatPrivateKey)) To hoPrivKey
If (Not(IsComObjectCreated(hoPrivKey))) Begin
Send CreateComObject of hoPrivKey
End
Get pvComObject of hoPrivKey to vPrivKey
Get ComGenKey Of hoRsa 2048 vPrivKey To iSuccess
If (iSuccess = False) Begin
Get ComLastErrorText Of hoRsa To sTemp1
Showln sTemp1
Procedure_Return
End
// Create the CSR object and set properties.
Get Create (RefClass(cComChilkatCsr)) To hoCsr
If (Not(IsComObjectCreated(hoCsr))) Begin
Send CreateComObject of hoCsr
End
// Specify the Common Name.
Set ComCommonName Of hoCsr To "mysubdomain.mydomain.com"
// Country Name (2 letter code)
Set ComCountry Of hoCsr To "GB"
// State or Province Name (full name)
Set ComState Of hoCsr To "Yorks"
// Locality Name (eg, city)
Set ComLocality Of hoCsr To "York"
// Organization Name (eg, company)
Set ComCompany Of hoCsr To "Internet Widgits Pty Ltd"
// Organizational Unit Name (eg, secion/division)
Set ComCompanyDivision Of hoCsr To "IT"
// Email address
Set ComEmailAddress Of hoCsr To "support@mydomain.com"
// Add Subject Alternative Names
// (The AddSan method is added in Chilkat v9.5.0.84)
// Call AddSan for each alternative name.
Get ComAddSan Of hoCsr "dnsName" "mydomain.com" To iSuccess
Get ComAddSan Of hoCsr "dnsName" "mysubdomain.mydomain.com" To iSuccess
Get ComAddSan Of hoCsr "ipAddress" "192.168.0.123" To iSuccess
// Create the CSR using the private key.
Get pvComObject of hoPrivKey to vPrivKey
Get ComGenCsrPem Of hoCsr vPrivKey To sPemStr
Get ComLastMethodSuccess Of hoCsr To bTemp1
If (bTemp1 <> True) Begin
Get ComLastErrorText Of hoCsr To sTemp1
Showln sTemp1
Procedure_Return
End
// Save the private key and CSR to a files.
Get ComSavePkcs8EncryptedPemFile Of hoPrivKey "password" "qa_output/privKey1.pem" To iSuccess
Get Create (RefClass(cComCkFileAccess)) To hoFac
If (Not(IsComObjectCreated(hoFac))) Begin
Send CreateComObject of hoFac
End
Get ComWriteEntireTextFile Of hoFac "qa_output/csr1.pem" sPemStr "utf-8" False To iSuccess
// Show the CSR.
Showln sPemStr
// Sample output:
// -----BEGIN CERTIFICATE REQUEST-----
// MIIC6jCCAdICAQAwgaQxITAfBgNVBAMMGG15c3ViZG9tYWluLm15ZG9tYWluLmNv
// bTELMAkGA1UEBhMCR0IxDjAMBgNVBAgMBVlvcmtzMQ0wCwYDVQQHDARZb3JrMSEw
// HwYDVQQKDBhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQxCzAJBgNVBAsMAklUMSMw
// IQYJKoZIhvcNAQkBFhRzdXBwb3J0QG15ZG9tYWluLmNvbTCCASIwDQYJKoZIhvcN
// AQEBBQADggEPADCCAQoCggEBALnQ0un/wF8whk+gPuiAlf3qvx14jgAOV6Erm6EB
// H7WACPCpnKcm/8KP+7uoPiwRQaENhMeCgf45vcivl2p6aAn/spLXyEkXyw2d8wFb
// YYAGRkiz4Xf7ASJiKuwcOtORz+sSDzgtdfokHfXU1cYeFE2yQhSdLUY5fMn425+g
// KoEEsRSjSDe6AKru4+4iGNrLKd8pB9IA5/jOE139IkWlB9r5fEPD5bUTsgqXk9eb
// 68O0gc712V2eZK07N24lDmFC4bIMTD4csDWocR5hFHXj7NX7c8sOBDcpEb9mPIk4
// elxubnhkfnjhOi4J3lDHcT/0ALnbLhf9LnaiKqs+5VcVZvECAwEAAaAAMA0GCSqG
// SIb3DQEBBQUAA4IBAQC0AETLIcP3foh5nbu2hVFS8uCUNZ5hEIR1eXmYZmZoBQq2
// 26ZAoT4CZwixlggC+n7WvAXJ5Pzxpl4wLV4loTiQzaKPX1w0ERo5ZRwLy0n56oG2
// 6QG+WTViT1C8rlgtVwkCFNOXr0kSSRs8FdaPllqKxK1hxYSL7zwNpumsk39F2cDt
// vhcekvH0V3BuGrQFm3dKN/0azW6GOod9+Vq4VzSyOe3kp15oxLBsZOFOu/REujcw
// Tzu2jt1asQKUm60CZ9wNHpYepR0Ww40uP1slbehEaFDa6V8b60/tlHHmBbJ4/fy5
// hJnYCvjzFz4O9VtT+JtP9ldRHWV3KpZ8ne3AjD+F
// -----END CERTIFICATE REQUEST-----
End_Procedure