(Tcl) Add Private Key and Certificate to a PEM

Demonstrates how to add certificates and private keys to a PEM.

Chilkat Tcl Extension Downloads Chilkat Tcl Extension Downloads

load ./chilkat.dll

# This example assumes the Chilkat API to have been previously unlocked.
# See Global Unlock Sample for sample code.

# The Chilkat PEM class was introduced in v9.5.0.49.  
# It requires the bundle to be unlocked, as shown above.
set pem [new_CkPem]

# Add the private key found in alice.key to this PEM.
# 
set privKey [new_CkPrivateKey]

set success [CkPrivateKey_LoadAnyFormatFile $privKey "qa_data/alice.key" ""]
if {$success != 1} then {
    puts [CkPrivateKey_lastErrorText $privKey]
    delete_CkPem $pem
    delete_CkPrivateKey $privKey
    exit
}

# Add it to the PEM:
set success [CkPem_AddPrivateKey $pem $privKey]

# Add the certificate found in alice.crt to this PEM.
# 
set cert [new_CkCert]

set success [CkCert_LoadFromFile $cert "qa_data/alice.crt"]
if {$success != 1} then {
    puts [CkCert_lastErrorText $cert]
    delete_CkPem $pem
    delete_CkPrivateKey $privKey
    delete_CkCert $cert
    exit
}

# Add it to the PEM:
set includeCertChain 0
set success [CkPem_AddCert $pem $cert $includeCertChain]

# Write the PEM containing the private key and certificate.
# The private key will be output in PKCS8 encrypted form.
# Certificates are never encrypted.

# This is the password that will be required to open and access the private key
# from the PEM we're about to write..
set password "secret"
set extendedAttrs 0
set noKeys 0
set noCerts 0
set noCaCerts 0
set encryptAlg "aes128"

set pemStr [CkPem_toPemEx $pem $extendedAttrs $noKeys $noCerts $noCaCerts $encryptAlg $password]
puts "$pemStr"

delete_CkPem $pem
delete_CkPrivateKey $privKey
delete_CkCert $cert