Sample code for 30+ languages & platforms
PHP Extension

Export a Certificate's Private Key to Various Formats

See more Certificates Examples

Loads a digital certificate and private key from a PFX file (also known as PKCS#12) and exports the private key to various formats: (1) PKCS8 Encrypted, (2) PKCS8 Encrypted PEM, (3) PKCS8 unencrypted, (4) PKCS8 PEM unencrypted, (5) RSA DER unencrypted, (6) RSA PEM unencrypted, (7) XML.

Chilkat PHP Extension Downloads

PHP Extension
<?php

include("chilkat.php");

$success = false;

$cert = new CkCert();

// Load from the PFX file
$pfxFilename = '/Users/chilkat/testData/pfx/chilkat_ssl_pwd_is_test.pfx';
$pfxPassword = 'test';

// A PFX typically contains certificates in the chain of authentication.
// The Chilkat cert object will choose the certificate w/
// private key farthest from the root authority cert.
// To access all the certificates in a PFX, use the 
// Chilkat certificate store object instead.
$success = $cert->LoadPfxFile($pfxFilename,$pfxPassword);
if ($success == false) {
    print $cert->lastErrorText() . "\n";
    exit;
}

// Get the private key...
$privKey = new CkPrivateKey();
$success = $cert->GetPrivateKey($privKey);
if ($success == false) {
    print $cert->lastErrorText() . "\n";
    exit;
}

// Export to various formats:

$password = 'secret';

// PKCS8 Encrypted DER
$path = '/Users/chilkat/testData/privkeys/chilkat_pkcs8_enc.der';
$success = $privKey->SavePkcs8EncryptedFile($password,$path);
if ($success == false) {
    print $privKey->lastErrorText() . "\n";
    exit;
}

// PKCS8 Encrypted PEM
$path = '/Users/chilkat/testData/privkeys/chilkat_pkcs8_enc.pem';
$success = $privKey->SavePkcs8EncryptedPemFile($password,$path);
if ($success == false) {
    print $privKey->lastErrorText() . "\n";
    exit;
}

// PKCS8 Unencrypted DER
$path = '/Users/chilkat/testData/privkeys/chilkat_pkcs8.der';
$success = $privKey->SavePkcs8File($path);
if ($success == false) {
    print $privKey->lastErrorText() . "\n";
    exit;
}

// PKCS8 Unencrypted PEM
$path = '/Users/chilkat/testData/privkeys/chilkat_pkcs8.pem';
$success = $privKey->SavePkcs8PemFile($path);
if ($success == false) {
    print $privKey->lastErrorText() . "\n";
    exit;
}

//  RSA DER (unencrypted)
$path = '/Users/chilkat/testData/privkeys/chilkat_rsa.der';
$success = $privKey->SavePkcs1File($path);
if ($success == false) {
    print $privKey->lastErrorText() . "\n";
    exit;
}

// RSA PEM (unencrypted)
$path = '/Users/chilkat/testData/privkeys/chilkat_rsa.pem';
$success = $privKey->SavePemFile($path);
if ($success == false) {
    print $privKey->lastErrorText() . "\n";
    exit;
}

// XML (unencrypted)
$path = '/Users/chilkat/testData/privkeys/chilkat.xml';
$success = $privKey->SaveXmlFile($path);
if ($success == false) {
    print $privKey->lastErrorText() . "\n";
    exit;
}

print 'Private key exported to various formats.' . "\n";

?>