EldoS | Feel safer!

Software components for data protection, secure storage and transfer

Certificate request - response- whats next

Posted: 03/19/2013 01:13:05
by Jens Heinrich (Basic support level)
Joined: 03/19/2013
Posts: 2

I'm evaluating at the moment the PKIBlackBox.
i created with TELCertificateRequest class an CertificateRequest, sended the p10 file by mail to the CA and get back a Certificate, but i really don't know what to do now.
i saved the CertificateRequest and with KeyMaterial.SaveKey also the private key, but how do i get my private key into the recieved Certificate?

Posted: 03/19/2013 01:28:52
by Eugene Mayevski (Team)

Thank you for contacting us.

Simply put, you don't.

What you have now is a certificate in DER format (possibly base64-encoded) and a separate private key. And that's fine for some operations.

For other operations you might want to get a PFX (PKCS#12) file which includes one or several certificate(s) with private key(s). To do this, you need to
a) create an instance of TElX509Certificate
b) load the certificate and the private key from the corresponding files using one of TElX509Certificate's methods.
c) use SaveTo*PFX() method to save the certificate with the private key to PFX file.

If you need to add a CA certificate to the PFX, the procedure gets more complicated. Instead of © above, you do the following:

c) create another instance of TElX509Certificate.
d) load the CA certificate to the second instance.
e) Create an instance of TElMemoryCertStorage and add certificates there using Add method of the storage
f) save the storage to PFX using its SaveToStreamPFX method.

Sincerely yours
Eugene Mayevski
Posted: 03/19/2013 02:54:49
by Jens Heinrich (Basic support level)
Joined: 03/19/2013
Posts: 2

i think i don't need the CA Certificate.

So if i understand everything right
i create a TELX509Certificate and load the Certificate they created from my p10 file and the i load my private key to the Certificate and i save this as pfx. Thats all? So i don't need my originally saved p10 file?
Posted: 03/19/2013 02:59:58
by Eugene Mayevski (Team)

Yes, that's all and you don't need PKCS#10 to construct a PFX.

Sincerely yours
Eugene Mayevski



Topic viewed 575 times

Number of guests: 1, registered members: 0, in total hidden: 0


Back to top

As of July 15, 2016 EldoS business operates as a division of /n software, inc. For more information, please read the announcement.

Got it!