Delphi ActiveX
Delphi ActiveX
Get Certificates from .p12 / .pfx
See more PFX/P12 Examples
A PKCS12 (.p12 / .pfx) is a container for holding a certificate, its private key, and the certs in the chain of authentication up to and possibly including the root CA cert. A .p12 is not required to contain certain things. It will contain whatever the creator of the .p12 decided to include. It's possible to contain just a private key, just a cert, many certs without private keys, or many certs with many private keys. Usually, a .p12 contains one certificate, its associated private key, and certificates in the chain of authentication.Chilkat Delphi ActiveX Downloads
uses
Winapi.Windows, Winapi.Messages, System.SysUtils, System.Variants, System.Classes, Vcl.Graphics,
Vcl.Controls, Vcl.Forms, Vcl.Dialogs, Vcl.StdCtrls, Chilkat_TLB;
...
procedure TForm1.Button1Click(Sender: TObject);
var
success: Integer;
pfx: TChilkatPfx;
cert: TChilkatCert;
numCerts: Integer;
i: Integer;
issuer: IChilkatCert;
begin
success := 0;
pfx := TChilkatPfx.Create(Self);
success := pfx.LoadPfxFile('qa_data/pfx/test.pfx','pfx_password');
if (success = 0) then
begin
Memo1.Lines.Add(pfx.LastErrorText);
Exit;
end;
// Iterate over the certs contained in the PFX
cert := TChilkatCert.Create(Self);
numCerts := pfx.NumCerts;
i := 0;
while i < numCerts do
begin
pfx.CertAt(i,cert.ControlInterface);
Memo1.Lines.Add('--- ' + IntToStr(i) + ' ---');
Memo1.Lines.Add(cert.SubjectDN);
// Is this a root cert, or self-signed?
Memo1.Lines.Add('Root: ' + IntToStr(Ord(cert.IsRoot)));
Memo1.Lines.Add('Self-Signed: ' + IntToStr(Ord(cert.SelfSigned)));
// If this certificate is not the root (self-signed), then get the issuer.
// If the issuing certificate is contained in the PFX, then it will be found here..
if (cert.SelfSigned <> 1) then
begin
issuer := cert.FindIssuer();
if (cert.LastMethodSuccess = 0) then
begin
Memo1.Lines.Add('Issuer not found.');
end
else
begin
Memo1.Lines.Add('Issuer: ' + issuer.SubjectDN);
end;
end;
i := i + 1;
end;
// Usually, the user certificate is at index 0, its issuer is at index 1, etc. until we get to the root certificate.
end;