Sample code for 30+ languages & platforms
PureBasic

Get Certificates from .p12 / .pfx

See more PFX/P12 Examples

A PKCS12 (.p12 / .pfx) is a container for holding a certificate, its private key, and the certs in the chain of authentication up to and possibly including the root CA cert. A .p12 is not required to contain certain things. It will contain whatever the creator of the .p12 decided to include. It's possible to contain just a private key, just a cert, many certs without private keys, or many certs with many private keys. Usually, a .p12 contains one certificate, its associated private key, and certificates in the chain of authentication.

Chilkat PureBasic Downloads

PureBasic
IncludeFile "CkPfx.pb"
IncludeFile "CkCert.pb"

Procedure ChilkatExample()

    success.i = 0

    pfx.i = CkPfx::ckCreate()
    If pfx.i = 0
        Debug "Failed to create object."
        ProcedureReturn
    EndIf

    success = CkPfx::ckLoadPfxFile(pfx,"qa_data/pfx/test.pfx","pfx_password")
    If success = 0
        Debug CkPfx::ckLastErrorText(pfx)
        CkPfx::ckDispose(pfx)
        ProcedureReturn
    EndIf

    ; Iterate over the certs contained in the PFX
    cert.i = CkCert::ckCreate()
    If cert.i = 0
        Debug "Failed to create object."
        ProcedureReturn
    EndIf

    numCerts.i = CkPfx::ckNumCerts(pfx)
    i.i = 0
    While i < numCerts

        CkPfx::ckCertAt(pfx,i,cert)

        Debug "--- " + Str(i) + " ---"
        Debug CkCert::ckSubjectDN(cert)
        ; Is this a root cert, or self-signed?
        Debug "Root: " + Str(CkCert::ckIsRoot(cert))
        Debug "Self-Signed: " + Str(CkCert::ckSelfSigned(cert))

        ; If this certificate is not the root (self-signed), then get the issuer.
        ; If the issuing certificate is contained in the PFX, then it will be found here..
        If CkCert::ckSelfSigned(cert) <> 1
            issuer.i = CkCert::ckFindIssuer(cert)
            If CkCert::ckLastMethodSuccess(cert) = 0
                Debug "Issuer not found."
            Else
                Debug "Issuer: " + CkCert::ckSubjectDN(issuer)
                CkCert::ckDispose(issuer)

            EndIf

        EndIf

        i = i + 1
    Wend

    ; Usually, the user certificate is at index 0, its issuer is at index 1, etc. until we get to the root certificate.


    CkPfx::ckDispose(pfx)
    CkCert::ckDispose(cert)


    ProcedureReturn
EndProcedure