Sign with .pfx to create .p7s, Verify with .cer

Download Chilkat Crypt ActiveX

ASP example to sign a file using a .pfx and creating a .p7s file as output. It then uses a .cer file to verify the signature.

<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
</head>
<body>
<%
set crypt = Server.CreateObject("Chilkat.Crypt2")

'  Any string argument automatically begins the 30-day trial.
success = crypt.UnlockComponent("30-day trial")
If (success <> 1) Then
    Response.Write "Crypt component unlock failed" & "<br>"

End If

set certStore = Server.CreateObject("Chilkat.CertStore")
success = certStore.LoadPfxFile("chilkat.pfx","myPfxPassword")
If (success <> 1) Then
    Response.Write certStore.LastErrorText & "<br>"

End If

Set cert = certStore.FindCertBySubjectCN("Chilkat Software, Inc.")
If (cert Is Nothing ) Then
    Response.Write "Failed to find certificate" & "<br>"

End If

'  We can explicitly choose hash/encryption algorithms using a CSP.
set csp = Server.CreateObject("Chilkat.Csp")
csp.SetProviderMicrosoftEnhanced 
csp.SetHashAlgorithm "sha-1"

'  Tell the crypt component to use this cert and this CSP.
crypt.SetSigningCert cert
crypt.SetCSP csp

'  We can sign any type of file, creating a .p7s as output:
success = crypt.CreateP7S("hamlet.xml","hamlet.p7s")
If (success = 1) Then
    Response.Write "Signature created." & "<br>"
Else
    Response.Write crypt.LastErrorText & "<br>"
End If

'  Verify and restore the original file:
'  Use a cert from a .cer file (which only contains the public key)
set cert2 = Server.CreateObject("Chilkat.Cert")
success = cert2.LoadFromFile("chilkat.cer")
If (success <> 1) Then
    Response.Write cert2.LastErrorText & "<br>"

End If

crypt.SetVerifyCert cert2

success = crypt.VerifyP7S("hamlet.xml","hamlet.p7s")
If (success = 1) Then
    Response.Write "Signature verified." & "<br>"
Else
    Response.Write crypt.LastErrorText & "<br>"
End If

%>
</body>
</html>