Chilkat HOME .NET Core C# Android™ AutoIt C C# C++ Chilkat2-Python CkPython Classic ASP DataFlex Delphi ActiveX Delphi DLL Go Java Lianja Mono C# Node.js Objective-C PHP ActiveX PHP Extension Perl PowerBuilder PowerShell PureBasic Ruby SQL Server Swift 2 Swift 3,4,5... Tcl Unicode C Unicode C++ VB.NET VBScript Visual Basic 6.0 Visual FoxPro Xojo Plugin
(VBScript) Duplicate openssl req -newkey rsa:2048 -nodes -keyout mydomain.pem -out mydomain.csrDemonstrates how to duplicate this OpenSSL command: openssl req -newkey rsa:2048 -nodes -keyout mydomain.pem -out mydomain.csr This command creates 2 files:
The second file is needed to pair with the certificate that will later be received from the CA.
Dim fso, outFile Set fso = CreateObject("Scripting.FileSystemObject") 'Create a Unicode (utf-16) output text file. Set outFile = fso.CreateTextFile("output.txt", True, True) ' This example requires the Chilkat API to have been previously unlocked. ' See Global Unlock Sample for sample code. ' For versions of Chilkat < 10.0.0, use CreateObject("Chilkat_9_5_0.Rsa") set rsa = CreateObject("Chilkat.Rsa") ' Generate a 2048-bit key. Chilkat RSA supports ' key sizes ranging from 512 bits to 8192 bits. success = rsa.GenerateKey(2048) If (success <> 1) Then outFile.WriteLine(rsa.LastErrorText) WScript.Quit End If ' privKey is a Chilkat.PrivateKey Set privKey = rsa.ExportPrivateKeyObj() ' Save the private key to unencrypted PKCS8 PEM success = privKey.SavePkcs8PemFile("mydomain.pem") ' (alternatively) Save the private key to encrypted PKCS8 PEM success = privKey.SavePkcs8EncryptedPemFile("myPassword","mydomain_enc.pem") ' We'll need the private key's modulus for the CSR. ' The modulus is not something that needs to be protected. Most people don't realize ' that a public key is actually just a subset of the private key. The public parts of ' an RSA private key are the modulus and exponent. The exponent is always 65537. ' For versions of Chilkat < 10.0.0, use CreateObject("Chilkat_9_5_0.Xml") set privKeyXml = CreateObject("Chilkat.Xml") success = privKeyXml.LoadXml(privKey.GetXml()) ' Get the modulus in base64 format: keyModulus = privKeyXml.GetChildContent("Modulus") ' -------------------------------------------------------------------------------- ' Now build the CSR using Chilkat's ASN.1 API. ' The keyModulus will be embedded within the ASN.1. ' A new ASN.1 object is automatically a SEQUENCE. ' Given that the CSR's root item is a SEQUENCE, we can use ' this as the root of our CSR. ' For versions of Chilkat < 10.0.0, use CreateObject("Chilkat_9_5_0.Asn") set asnRoot = CreateObject("Chilkat.Asn") ' Beneath the root, we have a SEQUENCE (the certificate request info), ' another SEQUENCE (the algorithm identifier), and a BITSTRING (the signature data) success = asnRoot.AppendSequence() success = asnRoot.AppendSequence() ' ---------------------------------- ' Build the Certificate Request Info ' ---------------------------------- ' asnCertReqInfo is a Chilkat.Asn Set asnCertReqInfo = asnRoot.GetSubItem(0) success = asnCertReqInfo.AppendInt(0) ' Build the Subject part of the Certificate Request Info ' asnCertSubject is a Chilkat.Asn Set asnCertSubject = asnCertReqInfo.AppendSequenceR() ' Add each subject part.. ' asnTemp is a Chilkat.Asn Set asnTemp = asnCertSubject.AppendSetR() success = asnTemp.AppendSequence2() ' AppendSequence2 updates the internal reference to the newly appended SEQUENCE. ' The OID and printable string are added to the SEQUENCE. success = asnTemp.AppendOid("2.5.4.6") success = asnTemp.AppendString("printable","US") ' asnTemp is a Chilkat.Asn Set asnTemp = asnCertSubject.AppendSetR() success = asnTemp.AppendSequence2() success = asnTemp.AppendOid("2.5.4.8") success = asnTemp.AppendString("utf8","Utah") ' asnTemp is a Chilkat.Asn Set asnTemp = asnCertSubject.AppendSetR() success = asnTemp.AppendSequence2() success = asnTemp.AppendOid("2.5.4.7") success = asnTemp.AppendString("utf8","Lindon") ' asnTemp is a Chilkat.Asn Set asnTemp = asnCertSubject.AppendSetR() success = asnTemp.AppendSequence2() success = asnTemp.AppendOid("2.5.4.10") success = asnTemp.AppendString("utf8","DigiCert Inc.") ' asnTemp is a Chilkat.Asn Set asnTemp = asnCertSubject.AppendSetR() success = asnTemp.AppendSequence2() success = asnTemp.AppendOid("2.5.4.11") success = asnTemp.AppendString("utf8","DigiCert") ' asnTemp is a Chilkat.Asn Set asnTemp = asnCertSubject.AppendSetR() success = asnTemp.AppendSequence2() success = asnTemp.AppendOid("2.5.4.3") success = asnTemp.AppendString("utf8","example.digicert.com") ' Build the Public Key Info part of the Certificate Request Info ' asnPubKeyInfo is a Chilkat.Asn Set asnPubKeyInfo = asnCertReqInfo.AppendSequenceR() ' asnPubKeyAlgId is a Chilkat.Asn Set asnPubKeyAlgId = asnPubKeyInfo.AppendSequenceR() success = asnPubKeyAlgId.AppendOid("1.2.840.113549.1.1.1") success = asnPubKeyAlgId.AppendNull() ' The public key itself is a BIT STRING, but the bit string is composed of ASN.1 ' for the RSA public key. We'll first build the RSA ASN.1 for the public key ' (containing the 2048 bit modulus and exponent), and encoded it to DER, and then add ' the DER bytes as a BIT STRING (as a sub-item of asnPubKeyInfo) ' This is already a SEQUENCE.. ' For versions of Chilkat < 10.0.0, use CreateObject("Chilkat_9_5_0.Asn") set asnRsaKey = CreateObject("Chilkat.Asn") ' The RSA modulus is a big integer. success = asnRsaKey.AppendBigInt(keyModulus,"base64") success = asnRsaKey.AppendInt(65537) rsaKeyDerBase64 = asnRsaKey.GetEncodedDer("base64") ' Now add the RSA key DER as a BIT STRING. success = asnPubKeyInfo.AppendBits(rsaKeyDerBase64,"base64") ' The last part of the certificate request info is an empty context-specific constructed item ' with a tag equal to 0. success = asnCertReqInfo.AppendContextConstructed(0) ' Get the DER of the asnCertReqInfo. ' This will be signed using the RSA private key. ' For versions of Chilkat < 10.0.0, use CreateObject("Chilkat_9_5_0.BinData") set bdDer = CreateObject("Chilkat.BinData") success = asnCertReqInfo.WriteBd(bdDer) ' Add the signature to the ASN.1 ' For versions of Chilkat < 10.0.0, use CreateObject("Chilkat_9_5_0.BinData") set bdSig = CreateObject("Chilkat.BinData") success = rsa.SignBd(bdDer,"SHA1",bdSig) success = asnRoot.AppendBits(bdSig.GetEncoded("base64"),"base64") ' ---------------------------------- ' Finally, add the algorithm identifier, which is the 2nd sub-item under the root. ' ---------------------------------- ' asnAlgId is a Chilkat.Asn Set asnAlgId = asnRoot.GetSubItem(1) success = asnAlgId.AppendOid("1.2.840.113549.1.1.5") success = asnAlgId.AppendNull() ' Write the CSR to a DER encoded binary file: success = asnRoot.WriteBinaryDer("qa_output/mydomain.csr") If (success <> 1) Then outFile.WriteLine(asnRoot.LastErrorText) WScript.Quit End If ' It is also possible to get the CSR in base64 format: csrBase64 = asnRoot.GetEncodedDer("base64") outFile.WriteLine("Base64 CSR:") outFile.WriteLine(csrBase64) outFile.Close |
© 2000-2024 Chilkat Software, Inc. All Rights Reserved.