Create a certificate request

To create the certificate request, first create TElCertificateRequest object.

Next, set request parameters. Subject (specifies the person or organization, to which the certificate will be issued) is a mandatory parameter. Other parameters are optional. For information about setting extensions, see the corresponding how-to article.

Next step is to generate the request. This operation actually generates the public and private keys. PublicKeySize and PublicKeyAlgorithm parameters define how to generate the public key and SignatureAlgorithm defines the algorithm used to sign the certificate request. Use Generate() method of TElCertificateRequest class to generate the key pair.

After the key pair is generated, you need to save the certificate request and the private key.

To save the certificate request, call corresponding SaveToStream*() or SaveToBuffer*() methods of TElCertificateRequest. Asterisk denotes format name or nothing in case of DER format.
To save the private key, call corresponding SaveKeyToStream*() or SaveKeyToBuffer*() methods of TElCertificateRequest. Asterisk denotes format name or nothing in case of DER format.

Certificate requests can be stored in DER and PEM formats. For description of various formats of certifcate request and key files see the corresponding how-to article.

You can save the certificate request or the key to the memory buffer or to the stream (be it file stream, or memory stream, or BLOB stream or some other stream).

Remember to save the private key and keep the key in the safe place until the certificate is generated from request.

For more information about certificate requests see PKCS #10 on http://www.rsa.com.