(JavaScript) Export a Certificate's Private Key to Various Formats

Loads a digital certificate and private key from a PFX file (also known as PKCS#12) and exports the private key to various formats: (1) PKCS8 Encrypted, (2) PKCS8 Encrypted PEM, (3) PKCS8 unencrypted, (4) PKCS8 PEM unencrypted, (5) RSA DER unencrypted, (6) RSA PEM unencrypted, (7) XML.

Note: This example requires Chilkat v11.0.0 or greater.

Note

This example is intended for running within a Chilkat.Js embedded JavaScript engine. All Chilkat JavaScript examples require Chilkat v11.4.0 or greater.

var success = false;

var cert = new CkCert();

// Load from the PFX file
var pfxFilename = "/Users/chilkat/testData/pfx/chilkat_ssl_pwd_is_test.pfx";
var pfxPassword = "test";

// A PFX typically contains certificates in the chain of authentication.
// The Chilkat cert object will choose the certificate w/
// private key farthest from the root authority cert.
// To access all the certificates in a PFX, use the 
// Chilkat certificate store object instead.
success = cert.LoadPfxFile(pfxFilename,pfxPassword);
if (success == false) {
    console.log(cert.LastErrorText);
    return;
}

// Get the private key...
var privKey = new CkPrivateKey();
success = cert.GetPrivateKey(privKey);
if (success == false) {
    console.log(cert.LastErrorText);
    return;
}

// Export to various formats:

var password = "secret";
var path;

// PKCS8 Encrypted DER
path = "/Users/chilkat/testData/privkeys/chilkat_pkcs8_enc.der";
success = privKey.SavePkcs8EncryptedFile(password,path);
if (success == false) {
    console.log(privKey.LastErrorText);
    return;
}

// PKCS8 Encrypted PEM
path = "/Users/chilkat/testData/privkeys/chilkat_pkcs8_enc.pem";
success = privKey.SavePkcs8EncryptedPemFile(password,path);
if (success == false) {
    console.log(privKey.LastErrorText);
    return;
}

// PKCS8 Unencrypted DER
path = "/Users/chilkat/testData/privkeys/chilkat_pkcs8.der";
success = privKey.SavePkcs8File(path);
if (success == false) {
    console.log(privKey.LastErrorText);
    return;
}

// PKCS8 Unencrypted PEM
path = "/Users/chilkat/testData/privkeys/chilkat_pkcs8.pem";
success = privKey.SavePkcs8PemFile(path);
if (success == false) {
    console.log(privKey.LastErrorText);
    return;
}

//  RSA DER (unencrypted)
path = "/Users/chilkat/testData/privkeys/chilkat_rsa.der";
success = privKey.SavePkcs1File(path);
if (success == false) {
    console.log(privKey.LastErrorText);
    return;
}

// RSA PEM (unencrypted)
path = "/Users/chilkat/testData/privkeys/chilkat_rsa.pem";
success = privKey.SavePemFile(path);
if (success == false) {
    console.log(privKey.LastErrorText);
    return;
}

// XML (unencrypted)
path = "/Users/chilkat/testData/privkeys/chilkat.xml";
success = privKey.SaveXmlFile(path);
if (success == false) {
    console.log(privKey.LastErrorText);
    return;
}

console.log("Private key exported to various formats.");