CreateSelfSignedCertificate

Security and Signatures

Description

Creates a self-signed RSA certificate with a SHA-256 signature and exports it - private key included - to a password-protected PFX file. The generated PFX works directly with SignFile, SetSignProcessPFXFromFile and the other PFX-based signing entry points, so signing workflows can be developed and tested without obtaining a certificate from an external authority.

The certificate is generated in a temporary key container that is deleted again after the export; only the PFX file keeps the key material. Self-signed certificates are intended for testing and internal documents: PDF viewers flag them as untrusted unless the user installs them explicitly.

Syntax

Delphi

Function TPDFlib.CreateSelfSignedCertificate(Const SubjectName, PFXFileName, PFXPassword: WideString; ValidDays, KeyBits: Integer): Integer;

ActiveX

Function PDFlib::CreateSelfSignedCertificate(SubjectName As String, PFXFileName As String, PFXPassword As String, ValidDays As Long, KeyBits As Long) As Long

DLL

int DLCreateSelfSignedCertificate(int InstanceID, const wchar_t * SubjectName, const wchar_t * PFXFileName, const wchar_t * PFXPassword, int ValidDays, int KeyBits);

Parameters

SubjectNameThe certificate subject as an X.500 string, for example "CN=Alice Signer, O=Example Corp". A bare name without "=" gets a "CN=" prefix automatically.
PFXFileNameThe path of the PFX (PKCS#12) file to write.
PFXPasswordThe password protecting the exported PFX file.
ValidDaysValidity period in days from now; values below 1 default to 365.
KeyBitsRSA key length in bits; values outside 1024..16384 default to 2048.

Return values

0The certificate could not be created (empty subject or file name, or a Windows CryptoAPI failure)
1Success