Sample code for 30+ languages & platforms
Pascal (Lazarus/Delphi)

Convert Cert + Key to PEM and PFX

See more Certificates Examples

This example is based on the following question from a Chilkat customer:

We receive 2 files :

    MyCertificate.p7b
    MyCertificate-privatekey.pkey

We have to transform these certificate like this:

First convert it to PEM like this:

openssl pkcs7 -in MyCertificate.p7b -inform DER -out MyCertificate.pem -print_certs

Now we get MyCertificate.pem

Last step, we need to convert it to pfx file:

openssl pkcs12 -export -inkey moncertificat-privatekey.pkey  -in  moncertificat.pem -out moncertificat.pfx

Is there a way to make all these steps with Chilkat ?

I will be nice to include this directly in our software instead of askig the user to do it manualy.

Chilkat Pascal (Lazarus/Delphi) Downloads

Pascal (Lazarus/Delphi)
program ChilkatDemo;

// Demonstrates using the Chilkat Pascal wrapper via the C bridge DLL.
// Builds as a console application under Lazarus (FPC) or Delphi.

{$IFDEF FPC}
  {$MODE DELPHI}
{$ENDIF}
{$APPTYPE CONSOLE}

uses
  {$IFDEF UNIX}
  cthreads,
  {$ENDIF}
  SysUtils,
  CkDllLoader,
  Chilkat.Cert,
  Chilkat.PrivateKey;

// ---------------------------------------------------------------------------

procedure RunDemo;
var
  success: Boolean;
  cert: TCert;
  privKey: TPrivateKey;

begin
  success := False;

  cert := TCert.Create;
  privKey := TPrivateKey.Create;

  //  Load any type of certificate (.cer, .p7b, .pem, etc.) by calling LoadFromFile.
  success := cert.LoadFromFile('qa_data/certs/sample_cert_a.cer');
  if (success <> True) then
    begin
      WriteLn(cert.LastErrorText);
      Exit;
    end;

  //  Load the private key.
  //  (The various privKey methods that load from a file will automatically detect
  //  the format.  It doesn't actually matter if you try to load a non-PKCS8 format private key
  //  by calling LoadPkcs8EncryptedFile -- internally Chilkat will detect the format and will load
  //  based on what it finds.)
  success := privKey.LoadPkcs8EncryptedFile('qa_data/certs/sample_key_a.pkcs8','password');
  if (success <> True) then
    begin
      WriteLn(privKey.LastErrorText);
      Exit;
    end;

  //  Write the cert as PEM.
  success := cert.ExportCertPemFile('qa_output/cert.pem');

  //  Or get the PEM string directly...
  WriteLn(cert.ExportCertPem());

  //  Associate the private key with the cert object.
  success := cert.SetPrivateKey(privKey);
  if (success <> True) then
    begin
      WriteLn(cert.LastErrorText);
      Exit;
    end;

  //  Write the cert + private key to a .pfx file.
  success := cert.ExportToPfxFile('qa_data/myPfx.pfx','password',True);
  if (success <> True) then
    begin
      WriteLn(cert.LastErrorText);
      Exit;
    end;

  WriteLn('Success.');


  cert.Free;
  privKey.Free;

end;

// ---------------------------------------------------------------------------

begin

  try
    RunDemo;
  except
    on E: Exception do
      WriteLn('Unhandled exception: ', E.ClassName, ': ', E.Message);
  end;

  WriteLn;
  {$IFDEF MSWINDOWS}
  WriteLn('Press Enter to exit...');
  ReadLn;
  {$ENDIF}
end.