Sample code for 30+ languages & platforms
PureBasic

Generate a CSR with SAN (Subject Alternative Name) Extension

See more CSR Examples

Demonstrates how to generate a private key and a Certificate Signing Request (CSR) that includes the SAN extension.

Chilkat PureBasic Downloads

PureBasic
IncludeFile "CkFileAccess.pb"
IncludeFile "CkPrivateKey.pb"
IncludeFile "CkCsr.pb"
IncludeFile "CkRsa.pb"

Procedure ChilkatExample()

    success.i = 0

    ; This requires the Chilkat API to have been previously unlocked.
    ; See Global Unlock Sample for sample code.

    ; First generate an RSA private key.
    ; (It is also possible to create CSRs based on ECDSA private keys..)
    rsa.i = CkRsa::ckCreate()
    If rsa.i = 0
        Debug "Failed to create object."
        ProcedureReturn
    EndIf

    ; Generate a random 2048-bit RSA key.
    privKey.i = CkPrivateKey::ckCreate()
    If privKey.i = 0
        Debug "Failed to create object."
        ProcedureReturn
    EndIf

    success = CkRsa::ckGenKey(rsa,2048,privKey)
    If success = 0
        Debug CkRsa::ckLastErrorText(rsa)
        CkRsa::ckDispose(rsa)
        CkPrivateKey::ckDispose(privKey)
        ProcedureReturn
    EndIf

    ; Create the CSR object and set properties.
    csr.i = CkCsr::ckCreate()
    If csr.i = 0
        Debug "Failed to create object."
        ProcedureReturn
    EndIf

    ; Specify the Common Name. 
    CkCsr::setCkCommonName(csr, "mysubdomain.mydomain.com")

    ; Country Name (2 letter code)
    CkCsr::setCkCountry(csr, "GB")

    ; State or Province Name (full name)
    CkCsr::setCkState(csr, "Yorks")

    ; Locality Name (eg, city)
    CkCsr::setCkLocality(csr, "York")

    ; Organization Name (eg, company)
    CkCsr::setCkCompany(csr, "Internet Widgits Pty Ltd")

    ; Organizational Unit Name (eg, secion/division)
    CkCsr::setCkCompanyDivision(csr, "IT")

    ; Email address
    CkCsr::setCkEmailAddress(csr, "support@mydomain.com")

    ; Add Subject Alternative Names
    ; (The AddSan method is added in Chilkat v9.5.0.84)
    ; Call AddSan for each alternative name.
    success = CkCsr::ckAddSan(csr,"dnsName","mydomain.com")
    success = CkCsr::ckAddSan(csr,"dnsName","mysubdomain.mydomain.com")
    success = CkCsr::ckAddSan(csr,"ipAddress","192.168.0.123")

    ; Create the CSR using the private key.
    pemStr.s = CkCsr::ckGenCsrPem(csr,privKey)
    If CkCsr::ckLastMethodSuccess(csr) <> 1
        Debug CkCsr::ckLastErrorText(csr)
        CkRsa::ckDispose(rsa)
        CkPrivateKey::ckDispose(privKey)
        CkCsr::ckDispose(csr)
        ProcedureReturn
    EndIf

    ; Save the private key and CSR to a files.
    CkPrivateKey::ckSavePkcs8EncryptedPemFile(privKey,"password","qa_output/privKey1.pem")

    fac.i = CkFileAccess::ckCreate()
    If fac.i = 0
        Debug "Failed to create object."
        ProcedureReturn
    EndIf

    CkFileAccess::ckWriteEntireTextFile(fac,"qa_output/csr1.pem",pemStr,"utf-8",0)

    ; Show the CSR.
    Debug pemStr

    ; Sample output:

    ; 	-----BEGIN CERTIFICATE REQUEST-----
    ; 	MIIC6jCCAdICAQAwgaQxITAfBgNVBAMMGG15c3ViZG9tYWluLm15ZG9tYWluLmNv
    ; 	bTELMAkGA1UEBhMCR0IxDjAMBgNVBAgMBVlvcmtzMQ0wCwYDVQQHDARZb3JrMSEw
    ; 	HwYDVQQKDBhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQxCzAJBgNVBAsMAklUMSMw
    ; 	IQYJKoZIhvcNAQkBFhRzdXBwb3J0QG15ZG9tYWluLmNvbTCCASIwDQYJKoZIhvcN
    ; 	AQEBBQADggEPADCCAQoCggEBALnQ0un/wF8whk+gPuiAlf3qvx14jgAOV6Erm6EB
    ; 	H7WACPCpnKcm/8KP+7uoPiwRQaENhMeCgf45vcivl2p6aAn/spLXyEkXyw2d8wFb
    ; 	YYAGRkiz4Xf7ASJiKuwcOtORz+sSDzgtdfokHfXU1cYeFE2yQhSdLUY5fMn425+g
    ; 	KoEEsRSjSDe6AKru4+4iGNrLKd8pB9IA5/jOE139IkWlB9r5fEPD5bUTsgqXk9eb
    ; 	68O0gc712V2eZK07N24lDmFC4bIMTD4csDWocR5hFHXj7NX7c8sOBDcpEb9mPIk4
    ; 	elxubnhkfnjhOi4J3lDHcT/0ALnbLhf9LnaiKqs+5VcVZvECAwEAAaAAMA0GCSqG
    ; 	SIb3DQEBBQUAA4IBAQC0AETLIcP3foh5nbu2hVFS8uCUNZ5hEIR1eXmYZmZoBQq2
    ; 	26ZAoT4CZwixlggC+n7WvAXJ5Pzxpl4wLV4loTiQzaKPX1w0ERo5ZRwLy0n56oG2
    ; 	6QG+WTViT1C8rlgtVwkCFNOXr0kSSRs8FdaPllqKxK1hxYSL7zwNpumsk39F2cDt
    ; 	vhcekvH0V3BuGrQFm3dKN/0azW6GOod9+Vq4VzSyOe3kp15oxLBsZOFOu/REujcw
    ; 	Tzu2jt1asQKUm60CZ9wNHpYepR0Ww40uP1slbehEaFDa6V8b60/tlHHmBbJ4/fy5
    ; 	hJnYCvjzFz4O9VtT+JtP9ldRHWV3KpZ8ne3AjD+F
    ; 	-----END CERTIFICATE REQUEST-----


    CkRsa::ckDispose(rsa)
    CkPrivateKey::ckDispose(privKey)
    CkCsr::ckDispose(csr)
    CkFileAccess::ckDispose(fac)


    ProcedureReturn
EndProcedure