(DataFlex) Generate Key and Certificate Signing Request (CSR)

Demonstrates how to generate a new RSA key and a Certificate Signing Request (CSR).

Note: This example requires Chilkat v9.5.0.65 or greater.

Chilkat ActiveX Downloads ActiveX for 32-bit and 64-bit Windows

Use ChilkatAx-9.5.0-win32.pkg

Procedure Test
    Handle hoRsa
    Boolean iSuccess
    Variant vPrivKey
    Handle hoPrivKey
    Handle hoCsr
    String sPemStr
    Handle hoFac
    String sTemp1
    Boolean bTemp1

    // Note: Requires Chilkat v9.5.0.65 or greater.

    // This requires the Chilkat API to have been previously unlocked.
    // See Global Unlock Sample for sample code.

    // First generate an RSA private key.
    Get Create (RefClass(cComChilkatRsa)) To hoRsa
    If (Not(IsComObjectCreated(hoRsa))) Begin
        Send CreateComObject of hoRsa
    End

    // Generate a random 2048-bit RSA key.
    Get ComGenerateKey Of hoRsa 2048 To iSuccess
    If (iSuccess <> True) Begin
        Get ComLastErrorText Of hoRsa To sTemp1
        Showln sTemp1
        Procedure_Return
    End

    // Get the private key
    Get ComExportPrivateKeyObj Of hoRsa To vPrivKey
    If (IsComObject(vPrivKey)) Begin
        Get Create (RefClass(cComChilkatPrivateKey)) To hoPrivKey
        Set pvComObject Of hoPrivKey To vPrivKey
    End

    // Create the CSR object and set properties.
    Get Create (RefClass(cComChilkatCsr)) To hoCsr
    If (Not(IsComObjectCreated(hoCsr))) Begin
        Send CreateComObject of hoCsr
    End

    // Specify the Common Name.  This is the only required property.
    // For SSL/TLS certificates, this would be the domain name. 
    // For email certificates this would be the email address. 
    Set ComCommonName Of hoCsr To "mysubdomain.mydomain.com"

    // Country Name (2 letter code)
    Set ComCountry Of hoCsr To "GB"

    // State or Province Name (full name)
    Set ComState Of hoCsr To "Yorks"

    // Locality Name (eg, city)
    Set ComLocality Of hoCsr To "York"

    // Organization Name (eg, company)
    Set ComCompany Of hoCsr To "Internet Widgits Pty Ltd"

    // Organizational Unit Name (eg, secion/division)
    Set ComCompanyDivision Of hoCsr To "IT"

    // Email address
    Set ComEmailAddress Of hoCsr To "support@mydomain.com"

    // Create the CSR using the private key.
    Get ComGenCsrPem Of hoCsr vPrivKey To sPemStr
    Get ComLastMethodSuccess Of hoCsr To bTemp1
    If (bTemp1 <> True) Begin
        Get ComLastErrorText Of hoCsr To sTemp1
        Showln sTemp1
        Send Destroy of hoPrivKey
        Procedure_Return
    End

    // Save the private key and CSR to a files.
    Get ComSavePkcs8EncryptedPemFile Of hoPrivKey "password" "qa_output/privKey1.pem" To iSuccess
    Send Destroy of hoPrivKey

    Get Create (RefClass(cComCkFileAccess)) To hoFac
    If (Not(IsComObjectCreated(hoFac))) Begin
        Send CreateComObject of hoFac
    End
    Get ComWriteEntireTextFile Of hoFac "qa_output/csr1.pem" sPemStr "utf-8" False To iSuccess

    // Show the CSR.
    Showln sPemStr

    // Sample output:
    // The CSR PEM can be checked here:
    // https://www.networking4all.com/en/support/tools/csr+check/
    // Copy-and-paste the PEM into the online CSR Decoding / CSR Verification form

    // 	-----BEGIN CERTIFICATE REQUEST-----
    // 	MIIC6jCCAdICAQAwgaQxITAfBgNVBAMMGG15c3ViZG9tYWluLm15ZG9tYWluLmNv
    // 	bTELMAkGA1UEBhMCR0IxDjAMBgNVBAgMBVlvcmtzMQ0wCwYDVQQHDARZb3JrMSEw
    // 	HwYDVQQKDBhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQxCzAJBgNVBAsMAklUMSMw
    // 	IQYJKoZIhvcNAQkBFhRzdXBwb3J0QG15ZG9tYWluLmNvbTCCASIwDQYJKoZIhvcN
    // 	AQEBBQADggEPADCCAQoCggEBALnQ0un/wF8whk+gPuiAlf3qvx14jgAOV6Erm6EB
    // 	H7WACPCpnKcm/8KP+7uoPiwRQaENhMeCgf45vcivl2p6aAn/spLXyEkXyw2d8wFb
    // 	YYAGRkiz4Xf7ASJiKuwcOtORz+sSDzgtdfokHfXU1cYeFE2yQhSdLUY5fMn425+g
    // 	KoEEsRSjSDe6AKru4+4iGNrLKd8pB9IA5/jOE139IkWlB9r5fEPD5bUTsgqXk9eb
    // 	68O0gc712V2eZK07N24lDmFC4bIMTD4csDWocR5hFHXj7NX7c8sOBDcpEb9mPIk4
    // 	elxubnhkfnjhOi4J3lDHcT/0ALnbLhf9LnaiKqs+5VcVZvECAwEAAaAAMA0GCSqG
    // 	SIb3DQEBBQUAA4IBAQC0AETLIcP3foh5nbu2hVFS8uCUNZ5hEIR1eXmYZmZoBQq2
    // 	26ZAoT4CZwixlggC+n7WvAXJ5Pzxpl4wLV4loTiQzaKPX1w0ERo5ZRwLy0n56oG2
    // 	6QG+WTViT1C8rlgtVwkCFNOXr0kSSRs8FdaPllqKxK1hxYSL7zwNpumsk39F2cDt
    // 	vhcekvH0V3BuGrQFm3dKN/0azW6GOod9+Vq4VzSyOe3kp15oxLBsZOFOu/REujcw
    // 	Tzu2jt1asQKUm60CZ9wNHpYepR0Ww40uP1slbehEaFDa6V8b60/tlHHmBbJ4/fy5
    // 	hJnYCvjzFz4O9VtT+JtP9ldRHWV3KpZ8ne3AjD+F
    // 	-----END CERTIFICATE REQUEST-----


End_Procedure