Sample code for 30+ languages & platforms
PHP Extension

SFTP use Cert's Private Key from PFX (.pfx/.p12)

See more SFTP Examples

Demonstrates how to use the private key associated with a certificate from a .pfx/.p12 file.

Chilkat PHP Extension Downloads

PHP Extension
<?php

include("chilkat.php");

$success = false;

// This example assumes the Chilkat API to have been previously unlocked.
// See Global Unlock Sample for sample code.

$cert = new CkCert();

$pfxFilepath = 'qa_data/pfx/my.pfx';
$pfxPassword = 'secret';

// A PFX typically contains certificates in the chain of authentication.
// The Chilkat cert object will choose the certificate w/
// private key farthest from the root authority cert.
// To access all the certificates in a PFX, use the 
// Chilkat certificate store object instead.
$success = $cert->LoadPfxFile($pfxFilepath,$pfxPassword);
if ($success == false) {
    print $cert->lastErrorText() . "\n";
    exit;
}

// Get the private key.  
$privKey = new CkPrivateKey();
$success = $cert->GetPrivateKey($privKey);
if ($success == false) {
    print $cert->lastErrorText() . "\n";
    exit;
}

$privKeyPem = $privKey->getPkcs8Pem();
if ($privKey->get_LastMethodSuccess() == false) {
    print $privKey->lastErrorText() . "\n";
    exit;
}

$sshKey = new CkSshKey();
$success = $sshKey->FromOpenSshPrivateKey($privKeyPem);
if ($success == false) {
    print $sshKey->lastErrorText() . "\n";
    exit;
}

// Connect to an SSH/SFTP server
$sftp = new CkSFtp();
$success = $sftp->Connect('sftp.example.com',22);
if ($success == false) {
    print $sftp->lastErrorText() . "\n";
    exit;
}

// Authenticate with the SSH server using a username + private key.
// (The private key serves as the password.  The username identifies
// the SSH user account on the server.)
$success = $sftp->AuthenticatePk('mySshLogin',$sshKey);
if ($success == false) {
    print $sftp->lastErrorText() . "\n";
    exit;
}

print 'OK, the connection and authentication with the SSH server is completed.' . "\n";

// This example is only to show the connection + authentication using a private key associated with a certificate in the Windows certificate store...

?>