Sample code for 30+ languages & platforms
Unicode C

SFTP use Cert's Private Key from PFX (.pfx/.p12)

See more SFTP Examples

Demonstrates how to use the private key associated with a certificate from a .pfx/.p12 file.

Chilkat Unicode C Downloads

Unicode C
#include <C_CkCertW.h>
#include <C_CkPrivateKeyW.h>
#include <C_CkSshKeyW.h>
#include <C_CkSFtpW.h>

void ChilkatSample(void)
    {
    BOOL success;
    HCkCertW cert;
    const wchar_t *pfxFilepath;
    const wchar_t *pfxPassword;
    HCkPrivateKeyW privKey;
    const wchar_t *privKeyPem;
    HCkSshKeyW sshKey;
    HCkSFtpW sftp;

    success = FALSE;

    // This example assumes the Chilkat API to have been previously unlocked.
    // See Global Unlock Sample for sample code.

    cert = CkCertW_Create();

    pfxFilepath = L"qa_data/pfx/my.pfx";
    pfxPassword = L"secret";

    // A PFX typically contains certificates in the chain of authentication.
    // The Chilkat cert object will choose the certificate w/
    // private key farthest from the root authority cert.
    // To access all the certificates in a PFX, use the 
    // Chilkat certificate store object instead.
    success = CkCertW_LoadPfxFile(cert,pfxFilepath,pfxPassword);
    if (success == FALSE) {
        wprintf(L"%s\n",CkCertW_lastErrorText(cert));
        CkCertW_Dispose(cert);
        return;
    }

    // Get the private key.  
    privKey = CkPrivateKeyW_Create();
    success = CkCertW_GetPrivateKey(cert,privKey);
    if (success == FALSE) {
        wprintf(L"%s\n",CkCertW_lastErrorText(cert));
        CkCertW_Dispose(cert);
        CkPrivateKeyW_Dispose(privKey);
        return;
    }

    privKeyPem = CkPrivateKeyW_getPkcs8Pem(privKey);
    if (CkPrivateKeyW_getLastMethodSuccess(privKey) == FALSE) {
        wprintf(L"%s\n",CkPrivateKeyW_lastErrorText(privKey));
        CkCertW_Dispose(cert);
        CkPrivateKeyW_Dispose(privKey);
        return;
    }

    sshKey = CkSshKeyW_Create();
    success = CkSshKeyW_FromOpenSshPrivateKey(sshKey,privKeyPem);
    if (success == FALSE) {
        wprintf(L"%s\n",CkSshKeyW_lastErrorText(sshKey));
        CkCertW_Dispose(cert);
        CkPrivateKeyW_Dispose(privKey);
        CkSshKeyW_Dispose(sshKey);
        return;
    }

    // Connect to an SSH/SFTP server
    sftp = CkSFtpW_Create();
    success = CkSFtpW_Connect(sftp,L"sftp.example.com",22);
    if (success == FALSE) {
        wprintf(L"%s\n",CkSFtpW_lastErrorText(sftp));
        CkCertW_Dispose(cert);
        CkPrivateKeyW_Dispose(privKey);
        CkSshKeyW_Dispose(sshKey);
        CkSFtpW_Dispose(sftp);
        return;
    }

    // Authenticate with the SSH server using a username + private key.
    // (The private key serves as the password.  The username identifies
    // the SSH user account on the server.)
    success = CkSFtpW_AuthenticatePk(sftp,L"mySshLogin",sshKey);
    if (success == FALSE) {
        wprintf(L"%s\n",CkSFtpW_lastErrorText(sftp));
        CkCertW_Dispose(cert);
        CkPrivateKeyW_Dispose(privKey);
        CkSshKeyW_Dispose(sshKey);
        CkSFtpW_Dispose(sftp);
        return;
    }

    wprintf(L"OK, the connection and authentication with the SSH server is completed.\n");

    // This example is only to show the connection + authentication using a private key associated with a certificate in the Windows certificate store...


    CkCertW_Dispose(cert);
    CkPrivateKeyW_Dispose(privKey);
    CkSshKeyW_Dispose(sshKey);
    CkSFtpW_Dispose(sftp);

    }