PureBasic
PureBasic
Generate a CSR with SAN (Subject Alternative Name) Extension
See more CSR Examples
Demonstrates how to generate a private key and a Certificate Signing Request (CSR) that includes the SAN extension.Chilkat PureBasic Downloads
IncludeFile "CkFileAccess.pb"
IncludeFile "CkPrivateKey.pb"
IncludeFile "CkCsr.pb"
IncludeFile "CkRsa.pb"
Procedure ChilkatExample()
success.i = 0
; This requires the Chilkat API to have been previously unlocked.
; See Global Unlock Sample for sample code.
; First generate an RSA private key.
; (It is also possible to create CSRs based on ECDSA private keys..)
rsa.i = CkRsa::ckCreate()
If rsa.i = 0
Debug "Failed to create object."
ProcedureReturn
EndIf
; Generate a random 2048-bit RSA key.
privKey.i = CkPrivateKey::ckCreate()
If privKey.i = 0
Debug "Failed to create object."
ProcedureReturn
EndIf
success = CkRsa::ckGenKey(rsa,2048,privKey)
If success = 0
Debug CkRsa::ckLastErrorText(rsa)
CkRsa::ckDispose(rsa)
CkPrivateKey::ckDispose(privKey)
ProcedureReturn
EndIf
; Create the CSR object and set properties.
csr.i = CkCsr::ckCreate()
If csr.i = 0
Debug "Failed to create object."
ProcedureReturn
EndIf
; Specify the Common Name.
CkCsr::setCkCommonName(csr, "mysubdomain.mydomain.com")
; Country Name (2 letter code)
CkCsr::setCkCountry(csr, "GB")
; State or Province Name (full name)
CkCsr::setCkState(csr, "Yorks")
; Locality Name (eg, city)
CkCsr::setCkLocality(csr, "York")
; Organization Name (eg, company)
CkCsr::setCkCompany(csr, "Internet Widgits Pty Ltd")
; Organizational Unit Name (eg, secion/division)
CkCsr::setCkCompanyDivision(csr, "IT")
; Email address
CkCsr::setCkEmailAddress(csr, "support@mydomain.com")
; Add Subject Alternative Names
; (The AddSan method is added in Chilkat v9.5.0.84)
; Call AddSan for each alternative name.
success = CkCsr::ckAddSan(csr,"dnsName","mydomain.com")
success = CkCsr::ckAddSan(csr,"dnsName","mysubdomain.mydomain.com")
success = CkCsr::ckAddSan(csr,"ipAddress","192.168.0.123")
; Create the CSR using the private key.
pemStr.s = CkCsr::ckGenCsrPem(csr,privKey)
If CkCsr::ckLastMethodSuccess(csr) <> 1
Debug CkCsr::ckLastErrorText(csr)
CkRsa::ckDispose(rsa)
CkPrivateKey::ckDispose(privKey)
CkCsr::ckDispose(csr)
ProcedureReturn
EndIf
; Save the private key and CSR to a files.
CkPrivateKey::ckSavePkcs8EncryptedPemFile(privKey,"password","qa_output/privKey1.pem")
fac.i = CkFileAccess::ckCreate()
If fac.i = 0
Debug "Failed to create object."
ProcedureReturn
EndIf
CkFileAccess::ckWriteEntireTextFile(fac,"qa_output/csr1.pem",pemStr,"utf-8",0)
; Show the CSR.
Debug pemStr
; Sample output:
; -----BEGIN CERTIFICATE REQUEST-----
; MIIC6jCCAdICAQAwgaQxITAfBgNVBAMMGG15c3ViZG9tYWluLm15ZG9tYWluLmNv
; bTELMAkGA1UEBhMCR0IxDjAMBgNVBAgMBVlvcmtzMQ0wCwYDVQQHDARZb3JrMSEw
; HwYDVQQKDBhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQxCzAJBgNVBAsMAklUMSMw
; IQYJKoZIhvcNAQkBFhRzdXBwb3J0QG15ZG9tYWluLmNvbTCCASIwDQYJKoZIhvcN
; AQEBBQADggEPADCCAQoCggEBALnQ0un/wF8whk+gPuiAlf3qvx14jgAOV6Erm6EB
; H7WACPCpnKcm/8KP+7uoPiwRQaENhMeCgf45vcivl2p6aAn/spLXyEkXyw2d8wFb
; YYAGRkiz4Xf7ASJiKuwcOtORz+sSDzgtdfokHfXU1cYeFE2yQhSdLUY5fMn425+g
; KoEEsRSjSDe6AKru4+4iGNrLKd8pB9IA5/jOE139IkWlB9r5fEPD5bUTsgqXk9eb
; 68O0gc712V2eZK07N24lDmFC4bIMTD4csDWocR5hFHXj7NX7c8sOBDcpEb9mPIk4
; elxubnhkfnjhOi4J3lDHcT/0ALnbLhf9LnaiKqs+5VcVZvECAwEAAaAAMA0GCSqG
; SIb3DQEBBQUAA4IBAQC0AETLIcP3foh5nbu2hVFS8uCUNZ5hEIR1eXmYZmZoBQq2
; 26ZAoT4CZwixlggC+n7WvAXJ5Pzxpl4wLV4loTiQzaKPX1w0ERo5ZRwLy0n56oG2
; 6QG+WTViT1C8rlgtVwkCFNOXr0kSSRs8FdaPllqKxK1hxYSL7zwNpumsk39F2cDt
; vhcekvH0V3BuGrQFm3dKN/0azW6GOod9+Vq4VzSyOe3kp15oxLBsZOFOu/REujcw
; Tzu2jt1asQKUm60CZ9wNHpYepR0Ww40uP1slbehEaFDa6V8b60/tlHHmBbJ4/fy5
; hJnYCvjzFz4O9VtT+JtP9ldRHWV3KpZ8ne3AjD+F
; -----END CERTIFICATE REQUEST-----
CkRsa::ckDispose(rsa)
CkPrivateKey::ckDispose(privKey)
CkCsr::ckDispose(csr)
CkFileAccess::ckDispose(fac)
ProcedureReturn
EndProcedure