(Perl) Generate a CSR with SAN (Subject Alternative Name) Extension

Demonstrates how to generate a private key and a Certificate Signing Request (CSR) that includes the SAN extension.

Note: This example requires Chilkat v9.5.0.84 or greater.

Chilkat Perl Downloads Perl Module for Windows, MacOS, Linux, Alpine Linux, Solaris

use chilkat();

# Note: Requires Chilkat v9.5.0.84 or greater.

# This requires the Chilkat API to have been previously unlocked.
# See Global Unlock Sample for sample code.

# First generate an RSA private key.
# (It is also possible to create CSRs based on ECDSA private keys..)
$rsa = chilkat::CkRsa->new();

# Generate a random 2048-bit RSA key.
$success = $rsa->GenerateKey(2048);
if ($success != 1) {
    print $rsa->lastErrorText() . "\r\n";
    exit;
}

# Get the private key
# privKey is a PrivateKey
$privKey = $rsa->ExportPrivateKeyObj();

# Create the CSR object and set properties.
$csr = chilkat::CkCsr->new();

# Specify the Common Name. 
$csr->put_CommonName("mysubdomain.mydomain.com");

# Country Name (2 letter code)
$csr->put_Country("GB");

# State or Province Name (full name)
$csr->put_State("Yorks");

# Locality Name (eg, city)
$csr->put_Locality("York");

# Organization Name (eg, company)
$csr->put_Company("Internet Widgits Pty Ltd");

# Organizational Unit Name (eg, secion/division)
$csr->put_CompanyDivision("IT");

# Email address
$csr->put_EmailAddress('support@mydomain.com');

# Add Subject Alternative Names
# (The AddSan method is added in Chilkat v9.5.0.84)
# Call AddSan for each alternative name.
$success = $csr->AddSan("dnsName","mydomain.com");
$success = $csr->AddSan("dnsName","mysubdomain.mydomain.com");
$success = $csr->AddSan("ipAddress","192.168.0.123");

# Create the CSR using the private key.
$pemStr = $csr->genCsrPem($privKey);
if ($csr->get_LastMethodSuccess() != 1) {
    print $csr->lastErrorText() . "\r\n";

    exit;
}

# Save the private key and CSR to a files.
$privKey->SavePkcs8EncryptedPemFile("password","qa_output/privKey1.pem");

$fac = chilkat::CkFileAccess->new();
$fac->WriteEntireTextFile("qa_output/csr1.pem",$pemStr,"utf-8",0);

# Show the CSR.
print $pemStr . "\r\n";

# Sample output:

# 	-----BEGIN CERTIFICATE REQUEST-----
# 	MIIC6jCCAdICAQAwgaQxITAfBgNVBAMMGG15c3ViZG9tYWluLm15ZG9tYWluLmNv
# 	bTELMAkGA1UEBhMCR0IxDjAMBgNVBAgMBVlvcmtzMQ0wCwYDVQQHDARZb3JrMSEw
# 	HwYDVQQKDBhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQxCzAJBgNVBAsMAklUMSMw
# 	IQYJKoZIhvcNAQkBFhRzdXBwb3J0QG15ZG9tYWluLmNvbTCCASIwDQYJKoZIhvcN
# 	AQEBBQADggEPADCCAQoCggEBALnQ0un/wF8whk+gPuiAlf3qvx14jgAOV6Erm6EB
# 	H7WACPCpnKcm/8KP+7uoPiwRQaENhMeCgf45vcivl2p6aAn/spLXyEkXyw2d8wFb
# 	YYAGRkiz4Xf7ASJiKuwcOtORz+sSDzgtdfokHfXU1cYeFE2yQhSdLUY5fMn425+g
# 	KoEEsRSjSDe6AKru4+4iGNrLKd8pB9IA5/jOE139IkWlB9r5fEPD5bUTsgqXk9eb
# 	68O0gc712V2eZK07N24lDmFC4bIMTD4csDWocR5hFHXj7NX7c8sOBDcpEb9mPIk4
# 	elxubnhkfnjhOi4J3lDHcT/0ALnbLhf9LnaiKqs+5VcVZvECAwEAAaAAMA0GCSqG
# 	SIb3DQEBBQUAA4IBAQC0AETLIcP3foh5nbu2hVFS8uCUNZ5hEIR1eXmYZmZoBQq2
# 	26ZAoT4CZwixlggC+n7WvAXJ5Pzxpl4wLV4loTiQzaKPX1w0ERo5ZRwLy0n56oG2
# 	6QG+WTViT1C8rlgtVwkCFNOXr0kSSRs8FdaPllqKxK1hxYSL7zwNpumsk39F2cDt
# 	vhcekvH0V3BuGrQFm3dKN/0azW6GOod9+Vq4VzSyOe3kp15oxLBsZOFOu/REujcw
# 	Tzu2jt1asQKUm60CZ9wNHpYepR0Ww40uP1slbehEaFDa6V8b60/tlHHmBbJ4/fy5
# 	hJnYCvjzFz4O9VtT+JtP9ldRHWV3KpZ8ne3AjD+F
# 	-----END CERTIFICATE REQUEST-----