Sample code for 30+ languages & platforms
Classic ASP

Generate a CSR containing an Extension Request

See more CSR Examples

Demonstrates how to generate a CSR containing a 1.2.840.113549.1.9.14 extensionRequest.

Chilkat Classic ASP Downloads

Classic ASP
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
</head>
<body>
<%
success = 0

' This requires the Chilkat API to have been previously unlocked.
' See Global Unlock Sample for sample code.

' This example will generate a secp256r1 ECDSA key for the CSR.
set ecc = Server.CreateObject("Chilkat.Ecc")
set prng = Server.CreateObject("Chilkat.Prng")
set privKey = Server.CreateObject("Chilkat.PrivateKey")

success = ecc.GenKey("secp256r1",prng,privKey)
If (success = 0) Then
    Response.Write "<pre>" & Server.HTMLEncode( "Failed to generate a new ECDSA private key.") & "</pre>"
    Response.End
End If

set csr = Server.CreateObject("Chilkat.Csr")

' Add common CSR fields:
csr.CommonName = "mysubdomain.mydomain.com"
csr.Country = "GB"
csr.State = "Yorks"
csr.Locality = "York"
csr.Company = "Internet Widgits Pty Ltd"
csr.EmailAddress = "support@mydomain.com"

' Add the following 1.2.840.113549.1.9.14 extensionRequest
' Note: The easiest way to know the content and format of the XML to be added is to examine
' a pre-existing CSR with the same desired extensionRequest.  You can use Chilkat to
' get the extensionRequest from an existing CSR. 

' 
' Here is a sample extension request:

' <?xml version="1.0" encoding="utf-8"?>
' <set>
'    <sequence>
'        <sequence>
'            <oid>1.3.6.1.4.1.311.20.2</oid>
'            <asnOctets>
'                <printable>ZATCA-Code-Signing</printable>
'            </asnOctets>
'        </sequence>
'        <sequence>
'            <oid>2.5.29.17</oid>
'            <asnOctets>
'                <sequence>
'                    <contextSpecific tag="4" constructed="1">
'                        <sequence>
'                            <set>
'                                <sequence>
'                                    <oid>2.5.4.4</oid>
'                                    <utf8>334623324234325</utf8>
'                                </sequence>
'                            </set>
'                            <set>
'                                <sequence>
'                                    <oid>0.9.2342.19200300.100.1.1</oid>
'                                    <utf8>310122393500003</utf8>
'                                </sequence>
'                            </set>
'                            <set>
'                                <sequence>
'                                    <oid>2.5.4.12</oid>
'                                    <utf8>0000</utf8>
'                                </sequence>
'                            </set>
'                            <set>
'                                <sequence>
'                                    <oid>2.5.4.26</oid>
'                                    <utf8>Sample E</utf8>
'                                </sequence>
'                            </set>
'                            <set>
'                                <sequence>
'                                    <oid>2.5.4.15</oid>
'                                    <utf8>Sample Business</utf8>
'                                </sequence>
'                            </set>
'                        </sequence>
'                    </contextSpecific>
'                </sequence>
'            </asnOctets>
'        </sequence>
'    </sequence>
' </set>

' Use this online tool to generate code from sample XML: 
' Generate Code to Create XML

' Here's the code to generate the above extension request.

set xml = Server.CreateObject("Chilkat.Xml")
xml.Tag = "set"
xml.UpdateChildContent "sequence|sequence|oid","1.3.6.1.4.1.311.20.2"
xml.UpdateChildContent "sequence|sequence|asnOctets|printable","ZATCA-Code-Signing"
xml.UpdateChildContent "sequence|sequence[1]|oid","2.5.29.17"
success = xml.UpdateAttrAt("sequence|sequence[1]|asnOctets|sequence|contextSpecific",1,"tag","4")
success = xml.UpdateAttrAt("sequence|sequence[1]|asnOctets|sequence|contextSpecific",1,"constructed","1")
xml.UpdateChildContent "sequence|sequence[1]|asnOctets|sequence|contextSpecific|sequence|set|sequence|oid","2.5.4.4"
xml.UpdateChildContent "sequence|sequence[1]|asnOctets|sequence|contextSpecific|sequence|set|sequence|utf8","334623324234325"
xml.UpdateChildContent "sequence|sequence[1]|asnOctets|sequence|contextSpecific|sequence|set[1]|sequence|oid","0.9.2342.19200300.100.1.1"
xml.UpdateChildContent "sequence|sequence[1]|asnOctets|sequence|contextSpecific|sequence|set[1]|sequence|utf8","310122393500003"
xml.UpdateChildContent "sequence|sequence[1]|asnOctets|sequence|contextSpecific|sequence|set[2]|sequence|oid","2.5.4.12"
xml.UpdateChildContent "sequence|sequence[1]|asnOctets|sequence|contextSpecific|sequence|set[2]|sequence|utf8","0000"
xml.UpdateChildContent "sequence|sequence[1]|asnOctets|sequence|contextSpecific|sequence|set[3]|sequence|oid","2.5.4.26"
xml.UpdateChildContent "sequence|sequence[1]|asnOctets|sequence|contextSpecific|sequence|set[3]|sequence|utf8","Sample E"
xml.UpdateChildContent "sequence|sequence[1]|asnOctets|sequence|contextSpecific|sequence|set[4]|sequence|oid","2.5.4.15"
xml.UpdateChildContent "sequence|sequence[1]|asnOctets|sequence|contextSpecific|sequence|set[4]|sequence|utf8","Sample Business"

' Add the extension request to the CSR
success = csr.SetExtensionRequest(xml)

' Generate the CSR with the extension request
csrPem = csr.GenCsrPem(privKey)
If (csr.LastMethodSuccess = 0) Then
    Response.Write "<pre>" & Server.HTMLEncode( csr.LastErrorText) & "</pre>"
    Response.End
End If

Response.Write "<pre>" & Server.HTMLEncode( csrPem) & "</pre>"

' Sample PEM output:

' -----BEGIN CERTIFICATE REQUEST-----
' MIICEjCCAbkCAQAwgZcxITAfBgNVBAMMGG15c3ViZG9tYWluLm15ZG9tYWluLmNv
' bTELMAkGA1UEBhMCR0IxDjAMBgNVBAgMBVlvcmtzMQ0wCwYDVQQHDARZb3JrMSEw
' HwYDVQQKDBhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQxIzAhBgkqhkiG9w0BCQEW
' FHN1cHBvcnRAbXlkb21haW4uY29tMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAE
' g8EVNSV0ttlM9kG2E+J3ZB9WEDYVf2QA/8idrPRUafia1CHjd1kslwZA8eP2bAcf
' 2O493QAENqtW6DTHJbRz8KCBvjCBuwYJKoZIhvcNAQkOMYGtMIGqMCEGCSsGAQQB
' gjcUAgQUExJaQVRDQS1Db2RlLVNpZ25pbmcwgYQGA1UdEQR9MHukeTB3MRgwFgYD
' VQQEDA8zMzQ2MjMzMjQyMzQzMjUxHzAdBgoJkiaJk/IsZAEBDA8zMTAxMjIzOTM1
' MDAwMDMxDTALBgNVBAwMBDAwMDAxETAPBgNVBBoMCFNhbXBsZSBFMRgwFgYDVQQP
' DA9TYW1wbGUgQnVzaW5lc3MwCgYIKoZIzj0EAwIDRwAwRAIgF7D30eSBklfo+oel
' 1B0z64eJDB9MB3rCoiFZlj+mz0YCIHYI87eyqdtw2LOcAoBRhyxlBT6i28+Z/8t9
' bYsMIYvp
' -----END CERTIFICATE REQUEST-----

%>
</body>
</html>