Sample code for 30+ languages & platforms
Objective-C

Convert Let's Encrypt PEM Files to a PFX

See more PFX/P12 Examples

Demonstrates how to convert the .pem files provided by Let's Encrypt to a single PFX.

Chilkat Objective-C Downloads

Objective-C
#import <CkoStringBuilder.h>
#import <CkoPfx.h>
#import <NSString.h>

BOOL success = NO;

// This example assumes the Chilkat API to have been previously unlocked.
// See Global Unlock Sample for sample code.

// Let's Encrypt provides four .pem files
// 1. fullchain.pem
// 2. privkey.pem
// 3. cert.pem
// 4. chain.pem

// The cert.pem and chain.pem are redundant. 
// The fullchain.pem is composed of the cert.pem and chain.pem.

// To convert the PEM's to a single .pfx, we don't need the redundant data.
// The privkey.pem and fullchain.pem provide the required data.
// We can ignore cert.pem and chain.pem (because those certs are already found in fullchain.pem).

// We need a single .pem file that contains both the private key, the cert,
// and the certs in the chain of authentication.
// Let's combine priveky.pem and fullchain.pem into a single .pem

CkoStringBuilder *sbPem = [[CkoStringBuilder alloc] init];
success = [sbPem LoadFile: @"qa_data/pem/lets_encrypt/privkey.pem" charset: @"utf-8"];
if (success == NO) {
    NSLog(@"%@",@"Failed to load privkey.pem");
    return;
}

// To be safe, append a blank line..
[sbPem AppendLine: @"" crlf: NO];

CkoStringBuilder *sbFullChainPem = [[CkoStringBuilder alloc] init];
success = [sbFullChainPem LoadFile: @"qa_data/pem/lets_encrypt/fullchain.pem" charset: @"utf-8"];
if (success == NO) {
    NSLog(@"%@",@"Failed to load fullchain.pem");
    return;
}

// Append the full cert chain PEM to the private key PEM.
[sbPem AppendSb: sbFullChainPem];

// Load the combined PEM into a Chilkat PFX object.
CkoPfx *pfx = [[CkoPfx alloc] init];
success = [pfx LoadPem: [sbPem GetAsString] password: @"no password required"];
if (success == NO) {
    NSLog(@"%@",pfx.LastErrorText);
    return;
}

// Write the PFX w/ a password.
NSString *pfxPassword = @"secret";
success = [pfx ToFile: pfxPassword path: @"qa_output/sample.pfx"];
if (success == NO) {
    NSLog(@"%@",pfx.LastErrorText);
    return;
}

NSLog(@"%@",@"Success!");