Sample code for 30+ languages & platforms
Objective-C

Export a Certificate's Private Key to Various Formats

See more Certificates Examples

Loads a digital certificate and private key from a PFX file (also known as PKCS#12) and exports the private key to various formats: (1) PKCS8 Encrypted, (2) PKCS8 Encrypted PEM, (3) PKCS8 unencrypted, (4) PKCS8 PEM unencrypted, (5) RSA DER unencrypted, (6) RSA PEM unencrypted, (7) XML.

Chilkat Objective-C Downloads

Objective-C
#import <CkoCert.h>
#import <NSString.h>
#import <CkoPrivateKey.h>

BOOL success = NO;

CkoCert *cert = [[CkoCert alloc] init];

// Load from the PFX file
NSString *pfxFilename = @"/Users/chilkat/testData/pfx/chilkat_ssl_pwd_is_test.pfx";
NSString *pfxPassword = @"test";

// A PFX typically contains certificates in the chain of authentication.
// The Chilkat cert object will choose the certificate w/
// private key farthest from the root authority cert.
// To access all the certificates in a PFX, use the 
// Chilkat certificate store object instead.
success = [cert LoadPfxFile: pfxFilename password: pfxPassword];
if (success == NO) {
    NSLog(@"%@",cert.LastErrorText);
    return;
}

// Get the private key...
CkoPrivateKey *privKey = [[CkoPrivateKey alloc] init];
success = [cert GetPrivateKey: privKey];
if (success == NO) {
    NSLog(@"%@",cert.LastErrorText);
    return;
}

// Export to various formats:

NSString *password = @"secret";
NSString *path = 0;

// PKCS8 Encrypted DER
path = @"/Users/chilkat/testData/privkeys/chilkat_pkcs8_enc.der";
success = [privKey SavePkcs8EncryptedFile: password path: path];
if (success == NO) {
    NSLog(@"%@",privKey.LastErrorText);
    return;
}

// PKCS8 Encrypted PEM
path = @"/Users/chilkat/testData/privkeys/chilkat_pkcs8_enc.pem";
success = [privKey SavePkcs8EncryptedPemFile: password path: path];
if (success == NO) {
    NSLog(@"%@",privKey.LastErrorText);
    return;
}

// PKCS8 Unencrypted DER
path = @"/Users/chilkat/testData/privkeys/chilkat_pkcs8.der";
success = [privKey SavePkcs8File: path];
if (success == NO) {
    NSLog(@"%@",privKey.LastErrorText);
    return;
}

// PKCS8 Unencrypted PEM
path = @"/Users/chilkat/testData/privkeys/chilkat_pkcs8.pem";
success = [privKey SavePkcs8PemFile: path];
if (success == NO) {
    NSLog(@"%@",privKey.LastErrorText);
    return;
}

//  RSA DER (unencrypted)
path = @"/Users/chilkat/testData/privkeys/chilkat_rsa.der";
success = [privKey SavePkcs1File: path];
if (success == NO) {
    NSLog(@"%@",privKey.LastErrorText);
    return;
}

// RSA PEM (unencrypted)
path = @"/Users/chilkat/testData/privkeys/chilkat_rsa.pem";
success = [privKey SavePemFile: path];
if (success == NO) {
    NSLog(@"%@",privKey.LastErrorText);
    return;
}

// XML (unencrypted)
path = @"/Users/chilkat/testData/privkeys/chilkat.xml";
success = [privKey SaveXmlFile: path];
if (success == NO) {
    NSLog(@"%@",privKey.LastErrorText);
    return;
}

NSLog(@"%@",@"Private key exported to various formats.");