Sample code for 30+ languages & platforms
Delphi ActiveX

Convert Let's Encrypt PEM Files to a PFX

See more PFX/P12 Examples

Demonstrates how to convert the .pem files provided by Let's Encrypt to a single PFX.

Chilkat Delphi ActiveX Downloads

Delphi ActiveX
uses
    Winapi.Windows, Winapi.Messages, System.SysUtils, System.Variants, System.Classes, Vcl.Graphics,
    Vcl.Controls, Vcl.Forms, Vcl.Dialogs, Vcl.StdCtrls, Chilkat_TLB;

...

procedure TForm1.Button1Click(Sender: TObject);
var
success: Integer;
sbPem: TChilkatStringBuilder;
sbFullChainPem: TChilkatStringBuilder;
pfx: TChilkatPfx;
pfxPassword: WideString;

begin
success := 0;

// This example assumes the Chilkat API to have been previously unlocked.
// See Global Unlock Sample for sample code.

// Let's Encrypt provides four .pem files
// 1. fullchain.pem
// 2. privkey.pem
// 3. cert.pem
// 4. chain.pem

// The cert.pem and chain.pem are redundant. 
// The fullchain.pem is composed of the cert.pem and chain.pem.

// To convert the PEM's to a single .pfx, we don't need the redundant data.
// The privkey.pem and fullchain.pem provide the required data.
// We can ignore cert.pem and chain.pem (because those certs are already found in fullchain.pem).

// We need a single .pem file that contains both the private key, the cert,
// and the certs in the chain of authentication.
// Let's combine priveky.pem and fullchain.pem into a single .pem

sbPem := TChilkatStringBuilder.Create(Self);
success := sbPem.LoadFile('qa_data/pem/lets_encrypt/privkey.pem','utf-8');
if (success = 0) then
  begin
    Memo1.Lines.Add('Failed to load privkey.pem');
    Exit;
  end;

// To be safe, append a blank line..
sbPem.AppendLine('',0);

sbFullChainPem := TChilkatStringBuilder.Create(Self);
success := sbFullChainPem.LoadFile('qa_data/pem/lets_encrypt/fullchain.pem','utf-8');
if (success = 0) then
  begin
    Memo1.Lines.Add('Failed to load fullchain.pem');
    Exit;
  end;

// Append the full cert chain PEM to the private key PEM.
sbPem.AppendSb(sbFullChainPem.ControlInterface);

// Load the combined PEM into a Chilkat PFX object.
pfx := TChilkatPfx.Create(Self);
success := pfx.LoadPem(sbPem.GetAsString(),'no password required');
if (success = 0) then
  begin
    Memo1.Lines.Add(pfx.LastErrorText);
    Exit;
  end;

// Write the PFX w/ a password.
pfxPassword := 'secret';
success := pfx.ToFile(pfxPassword,'qa_output/sample.pfx');
if (success = 0) then
  begin
    Memo1.Lines.Add(pfx.LastErrorText);
    Exit;
  end;

Memo1.Lines.Add('Success!');
end;