PowerShell
PowerShell
Export a Certificate's Private Key to Various Formats
See more Certificates Examples
Loads a digital certificate and private key from a PFX file (also known as PKCS#12) and exports the private key to various formats: (1) PKCS8 Encrypted, (2) PKCS8 Encrypted PEM, (3) PKCS8 unencrypted, (4) PKCS8 PEM unencrypted, (5) RSA DER unencrypted, (6) RSA PEM unencrypted, (7) XML.Chilkat PowerShell Downloads
Add-Type -Path "C:\chilkat\ChilkatDotNet47-x64\ChilkatDotNet47.dll"
$success = $false
$cert = New-Object Chilkat.Cert
# Load from the PFX file
$pfxFilename = "/Users/chilkat/testData/pfx/chilkat_ssl_pwd_is_test.pfx"
$pfxPassword = "test"
# A PFX typically contains certificates in the chain of authentication.
# The Chilkat cert object will choose the certificate w/
# private key farthest from the root authority cert.
# To access all the certificates in a PFX, use the
# Chilkat certificate store object instead.
$success = $cert.LoadPfxFile($pfxFilename,$pfxPassword)
if ($success -eq $false) {
$($cert.LastErrorText)
exit
}
# Get the private key...
$privKey = New-Object Chilkat.PrivateKey
$success = $cert.GetPrivateKey($privKey)
if ($success -eq $false) {
$($cert.LastErrorText)
exit
}
# Export to various formats:
$password = "secret"
# PKCS8 Encrypted DER
$path = "/Users/chilkat/testData/privkeys/chilkat_pkcs8_enc.der"
$success = $privKey.SavePkcs8EncryptedFile($password,$path)
if ($success -eq $false) {
$($privKey.LastErrorText)
exit
}
# PKCS8 Encrypted PEM
$path = "/Users/chilkat/testData/privkeys/chilkat_pkcs8_enc.pem"
$success = $privKey.SavePkcs8EncryptedPemFile($password,$path)
if ($success -eq $false) {
$($privKey.LastErrorText)
exit
}
# PKCS8 Unencrypted DER
$path = "/Users/chilkat/testData/privkeys/chilkat_pkcs8.der"
$success = $privKey.SavePkcs8File($path)
if ($success -eq $false) {
$($privKey.LastErrorText)
exit
}
# PKCS8 Unencrypted PEM
$path = "/Users/chilkat/testData/privkeys/chilkat_pkcs8.pem"
$success = $privKey.SavePkcs8PemFile($path)
if ($success -eq $false) {
$($privKey.LastErrorText)
exit
}
# RSA DER (unencrypted)
$path = "/Users/chilkat/testData/privkeys/chilkat_rsa.der"
$success = $privKey.SavePkcs1File($path)
if ($success -eq $false) {
$($privKey.LastErrorText)
exit
}
# RSA PEM (unencrypted)
$path = "/Users/chilkat/testData/privkeys/chilkat_rsa.pem"
$success = $privKey.SavePemFile($path)
if ($success -eq $false) {
$($privKey.LastErrorText)
exit
}
# XML (unencrypted)
$path = "/Users/chilkat/testData/privkeys/chilkat.xml"
$success = $privKey.SaveXmlFile($path)
if ($success -eq $false) {
$($privKey.LastErrorText)
exit
}
$("Private key exported to various formats.")