Sample code for 30+ languages & platforms
Delphi ActiveX

Generate Key and Certificate Signing Request (CSR)

See more CSR Examples

Demonstrates how to generate a new RSA key and a Certificate Signing Request (CSR).

Note: This example requires Chilkat v9.5.0.65 or greater.

Chilkat Delphi ActiveX Downloads

Delphi ActiveX
uses
    Winapi.Windows, Winapi.Messages, System.SysUtils, System.Variants, System.Classes, Vcl.Graphics,
    Vcl.Controls, Vcl.Forms, Vcl.Dialogs, Vcl.StdCtrls, Chilkat_TLB;

...

procedure TForm1.Button1Click(Sender: TObject);
var
success: Integer;
rsa: TChilkatRsa;
privKey: TPrivateKey;
csr: TChilkatCsr;
pemStr: WideString;
fac: TCkFileAccess;

begin
success := 0;

// Note: Requires Chilkat v9.5.0.65 or greater.

// This requires the Chilkat API to have been previously unlocked.
// See Global Unlock Sample for sample code.

// First generate an RSA private key.
rsa := TChilkatRsa.Create(Self);

// Generate a random 2048-bit RSA key.
privKey := TPrivateKey.Create(Self);
success := rsa.GenKey(2048,privKey.ControlInterface);
if (success = 0) then
  begin
    Memo1.Lines.Add(rsa.LastErrorText);
    Exit;
  end;

// Create the CSR object and set properties.
csr := TChilkatCsr.Create(Self);

// Specify the Common Name.  This is the only required property.
// For SSL/TLS certificates, this would be the domain name. 
// For email certificates this would be the email address. 
csr.CommonName := 'mysubdomain.mydomain.com';

// Country Name (2 letter code)
csr.Country := 'GB';

// State or Province Name (full name)
csr.State := 'Yorks';

// Locality Name (eg, city)
csr.Locality := 'York';

// Organization Name (eg, company)
csr.Company := 'Internet Widgits Pty Ltd';

// Organizational Unit Name (eg, secion/division)
csr.CompanyDivision := 'IT';

// Email address
csr.EmailAddress := 'support@mydomain.com';

// Create the CSR using the private key.
pemStr := csr.GenCsrPem(privKey.ControlInterface);
if (csr.LastMethodSuccess <> 1) then
  begin
    Memo1.Lines.Add(csr.LastErrorText);
    Exit;
  end;

// Save the private key and CSR to a files.
privKey.SavePkcs8EncryptedPemFile('password','qa_output/privKey1.pem');

fac := TCkFileAccess.Create(Self);
fac.WriteEntireTextFile('qa_output/csr1.pem',pemStr,'utf-8',0);

// Show the CSR.
Memo1.Lines.Add(pemStr);

// Sample output:
// The CSR PEM can be checked here:
// https://www.networking4all.com/en/support/tools/csr+check/
// Copy-and-paste the PEM into the online CSR Decoding / CSR Verification form

// 	-----BEGIN CERTIFICATE REQUEST-----
// 	MIIC6jCCAdICAQAwgaQxITAfBgNVBAMMGG15c3ViZG9tYWluLm15ZG9tYWluLmNv
// 	bTELMAkGA1UEBhMCR0IxDjAMBgNVBAgMBVlvcmtzMQ0wCwYDVQQHDARZb3JrMSEw
// 	HwYDVQQKDBhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQxCzAJBgNVBAsMAklUMSMw
// 	IQYJKoZIhvcNAQkBFhRzdXBwb3J0QG15ZG9tYWluLmNvbTCCASIwDQYJKoZIhvcN
// 	AQEBBQADggEPADCCAQoCggEBALnQ0un/wF8whk+gPuiAlf3qvx14jgAOV6Erm6EB
// 	H7WACPCpnKcm/8KP+7uoPiwRQaENhMeCgf45vcivl2p6aAn/spLXyEkXyw2d8wFb
// 	YYAGRkiz4Xf7ASJiKuwcOtORz+sSDzgtdfokHfXU1cYeFE2yQhSdLUY5fMn425+g
// 	KoEEsRSjSDe6AKru4+4iGNrLKd8pB9IA5/jOE139IkWlB9r5fEPD5bUTsgqXk9eb
// 	68O0gc712V2eZK07N24lDmFC4bIMTD4csDWocR5hFHXj7NX7c8sOBDcpEb9mPIk4
// 	elxubnhkfnjhOi4J3lDHcT/0ALnbLhf9LnaiKqs+5VcVZvECAwEAAaAAMA0GCSqG
// 	SIb3DQEBBQUAA4IBAQC0AETLIcP3foh5nbu2hVFS8uCUNZ5hEIR1eXmYZmZoBQq2
// 	26ZAoT4CZwixlggC+n7WvAXJ5Pzxpl4wLV4loTiQzaKPX1w0ERo5ZRwLy0n56oG2
// 	6QG+WTViT1C8rlgtVwkCFNOXr0kSSRs8FdaPllqKxK1hxYSL7zwNpumsk39F2cDt
// 	vhcekvH0V3BuGrQFm3dKN/0azW6GOod9+Vq4VzSyOe3kp15oxLBsZOFOu/REujcw
// 	Tzu2jt1asQKUm60CZ9wNHpYepR0Ww40uP1slbehEaFDa6V8b60/tlHHmBbJ4/fy5
// 	hJnYCvjzFz4O9VtT+JtP9ldRHWV3KpZ8ne3AjD+F
// 	-----END CERTIFICATE REQUEST-----
end;