Sample code for 30+ languages & platforms
Unicode C

Export a Certificate's Private Key to Various Formats

See more Certificates Examples

Loads a digital certificate and private key from a PFX file (also known as PKCS#12) and exports the private key to various formats: (1) PKCS8 Encrypted, (2) PKCS8 Encrypted PEM, (3) PKCS8 unencrypted, (4) PKCS8 PEM unencrypted, (5) RSA DER unencrypted, (6) RSA PEM unencrypted, (7) XML.

Chilkat Unicode C Downloads

Unicode C
#include <C_CkCertW.h>
#include <C_CkPrivateKeyW.h>

void ChilkatSample(void)
    {
    BOOL success;
    HCkCertW cert;
    const wchar_t *pfxFilename;
    const wchar_t *pfxPassword;
    HCkPrivateKeyW privKey;
    const wchar_t *password;
    const wchar_t *path;

    success = FALSE;

    cert = CkCertW_Create();

    // Load from the PFX file
    pfxFilename = L"/Users/chilkat/testData/pfx/chilkat_ssl_pwd_is_test.pfx";
    pfxPassword = L"test";

    // A PFX typically contains certificates in the chain of authentication.
    // The Chilkat cert object will choose the certificate w/
    // private key farthest from the root authority cert.
    // To access all the certificates in a PFX, use the 
    // Chilkat certificate store object instead.
    success = CkCertW_LoadPfxFile(cert,pfxFilename,pfxPassword);
    if (success == FALSE) {
        wprintf(L"%s\n",CkCertW_lastErrorText(cert));
        CkCertW_Dispose(cert);
        return;
    }

    // Get the private key...
    privKey = CkPrivateKeyW_Create();
    success = CkCertW_GetPrivateKey(cert,privKey);
    if (success == FALSE) {
        wprintf(L"%s\n",CkCertW_lastErrorText(cert));
        CkCertW_Dispose(cert);
        CkPrivateKeyW_Dispose(privKey);
        return;
    }

    // Export to various formats:

    password = L"secret";

    // PKCS8 Encrypted DER
    path = L"/Users/chilkat/testData/privkeys/chilkat_pkcs8_enc.der";
    success = CkPrivateKeyW_SavePkcs8EncryptedFile(privKey,password,path);
    if (success == FALSE) {
        wprintf(L"%s\n",CkPrivateKeyW_lastErrorText(privKey));
        CkCertW_Dispose(cert);
        CkPrivateKeyW_Dispose(privKey);
        return;
    }

    // PKCS8 Encrypted PEM
    path = L"/Users/chilkat/testData/privkeys/chilkat_pkcs8_enc.pem";
    success = CkPrivateKeyW_SavePkcs8EncryptedPemFile(privKey,password,path);
    if (success == FALSE) {
        wprintf(L"%s\n",CkPrivateKeyW_lastErrorText(privKey));
        CkCertW_Dispose(cert);
        CkPrivateKeyW_Dispose(privKey);
        return;
    }

    // PKCS8 Unencrypted DER
    path = L"/Users/chilkat/testData/privkeys/chilkat_pkcs8.der";
    success = CkPrivateKeyW_SavePkcs8File(privKey,path);
    if (success == FALSE) {
        wprintf(L"%s\n",CkPrivateKeyW_lastErrorText(privKey));
        CkCertW_Dispose(cert);
        CkPrivateKeyW_Dispose(privKey);
        return;
    }

    // PKCS8 Unencrypted PEM
    path = L"/Users/chilkat/testData/privkeys/chilkat_pkcs8.pem";
    success = CkPrivateKeyW_SavePkcs8PemFile(privKey,path);
    if (success == FALSE) {
        wprintf(L"%s\n",CkPrivateKeyW_lastErrorText(privKey));
        CkCertW_Dispose(cert);
        CkPrivateKeyW_Dispose(privKey);
        return;
    }

    //  RSA DER (unencrypted)
    path = L"/Users/chilkat/testData/privkeys/chilkat_rsa.der";
    success = CkPrivateKeyW_SavePkcs1File(privKey,path);
    if (success == FALSE) {
        wprintf(L"%s\n",CkPrivateKeyW_lastErrorText(privKey));
        CkCertW_Dispose(cert);
        CkPrivateKeyW_Dispose(privKey);
        return;
    }

    // RSA PEM (unencrypted)
    path = L"/Users/chilkat/testData/privkeys/chilkat_rsa.pem";
    success = CkPrivateKeyW_SavePemFile(privKey,path);
    if (success == FALSE) {
        wprintf(L"%s\n",CkPrivateKeyW_lastErrorText(privKey));
        CkCertW_Dispose(cert);
        CkPrivateKeyW_Dispose(privKey);
        return;
    }

    // XML (unencrypted)
    path = L"/Users/chilkat/testData/privkeys/chilkat.xml";
    success = CkPrivateKeyW_SaveXmlFile(privKey,path);
    if (success == FALSE) {
        wprintf(L"%s\n",CkPrivateKeyW_lastErrorText(privKey));
        CkCertW_Dispose(cert);
        CkPrivateKeyW_Dispose(privKey);
        return;
    }

    wprintf(L"Private key exported to various formats.\n");


    CkCertW_Dispose(cert);
    CkPrivateKeyW_Dispose(privKey);

    }