Sample code for 30+ languages & platforms
PureBasic

Convert Let's Encrypt PEM Files to a PFX

See more PFX/P12 Examples

Demonstrates how to convert the .pem files provided by Let's Encrypt to a single PFX.

Chilkat PureBasic Downloads

PureBasic
IncludeFile "CkStringBuilder.pb"
IncludeFile "CkPfx.pb"

Procedure ChilkatExample()

    success.i = 0

    ; This example assumes the Chilkat API to have been previously unlocked.
    ; See Global Unlock Sample for sample code.

    ; Let's Encrypt provides four .pem files
    ; 1. fullchain.pem
    ; 2. privkey.pem
    ; 3. cert.pem
    ; 4. chain.pem

    ; The cert.pem and chain.pem are redundant. 
    ; The fullchain.pem is composed of the cert.pem and chain.pem.

    ; To convert the PEM's to a single .pfx, we don't need the redundant data.
    ; The privkey.pem and fullchain.pem provide the required data.
    ; We can ignore cert.pem and chain.pem (because those certs are already found in fullchain.pem).

    ; We need a single .pem file that contains both the private key, the cert,
    ; and the certs in the chain of authentication.
    ; Let's combine priveky.pem and fullchain.pem into a single .pem

    sbPem.i = CkStringBuilder::ckCreate()
    If sbPem.i = 0
        Debug "Failed to create object."
        ProcedureReturn
    EndIf

    success = CkStringBuilder::ckLoadFile(sbPem,"qa_data/pem/lets_encrypt/privkey.pem","utf-8")
    If success = 0
        Debug "Failed to load privkey.pem"
        CkStringBuilder::ckDispose(sbPem)
        ProcedureReturn
    EndIf

    ; To be safe, append a blank line..
    CkStringBuilder::ckAppendLine(sbPem,"",0)

    sbFullChainPem.i = CkStringBuilder::ckCreate()
    If sbFullChainPem.i = 0
        Debug "Failed to create object."
        ProcedureReturn
    EndIf

    success = CkStringBuilder::ckLoadFile(sbFullChainPem,"qa_data/pem/lets_encrypt/fullchain.pem","utf-8")
    If success = 0
        Debug "Failed to load fullchain.pem"
        CkStringBuilder::ckDispose(sbPem)
        CkStringBuilder::ckDispose(sbFullChainPem)
        ProcedureReturn
    EndIf

    ; Append the full cert chain PEM to the private key PEM.
    CkStringBuilder::ckAppendSb(sbPem,sbFullChainPem)

    ; Load the combined PEM into a Chilkat PFX object.
    pfx.i = CkPfx::ckCreate()
    If pfx.i = 0
        Debug "Failed to create object."
        ProcedureReturn
    EndIf

    success = CkPfx::ckLoadPem(pfx,CkStringBuilder::ckGetAsString(sbPem),"no password required")
    If success = 0
        Debug CkPfx::ckLastErrorText(pfx)
        CkStringBuilder::ckDispose(sbPem)
        CkStringBuilder::ckDispose(sbFullChainPem)
        CkPfx::ckDispose(pfx)
        ProcedureReturn
    EndIf

    ; Write the PFX w/ a password.
    pfxPassword.s = "secret"
    success = CkPfx::ckToFile(pfx,pfxPassword,"qa_output/sample.pfx")
    If success = 0
        Debug CkPfx::ckLastErrorText(pfx)
        CkStringBuilder::ckDispose(sbPem)
        CkStringBuilder::ckDispose(sbFullChainPem)
        CkPfx::ckDispose(pfx)
        ProcedureReturn
    EndIf

    Debug "Success!"


    CkStringBuilder::ckDispose(sbPem)
    CkStringBuilder::ckDispose(sbFullChainPem)
    CkPfx::ckDispose(pfx)


    ProcedureReturn
EndProcedure