CreateSelfSignedCertificate
Security and Signatures
Description
Creates a self-signed RSA certificate with a SHA-256 signature and exports it - private key included - to a password-protected PFX file. The generated PFX works directly with SignFile, SetSignProcessPFXFromFile and the other PFX-based signing entry points, so signing workflows can be developed and tested without obtaining a certificate from an external authority.
The certificate is generated in a temporary key container that is deleted again after the export; only the PFX file keeps the key material. Self-signed certificates are intended for testing and internal documents: PDF viewers flag them as untrusted unless the user installs them explicitly.
Syntax
Delphi
Function TPDFlib.CreateSelfSignedCertificate(Const SubjectName, PFXFileName, PFXPassword: WideString; ValidDays, KeyBits: Integer): Integer;
ActiveX
Function PDFlib::CreateSelfSignedCertificate(SubjectName As String, PFXFileName As String, PFXPassword As String, ValidDays As Long, KeyBits As Long) As Long
DLL
int DLCreateSelfSignedCertificate(int InstanceID, const wchar_t * SubjectName, const wchar_t * PFXFileName, const wchar_t * PFXPassword, int ValidDays, int KeyBits);
Parameters
| SubjectName | The certificate subject as an X.500 string, for example "CN=Alice Signer, O=Example Corp". A bare name without "=" gets a "CN=" prefix automatically. |
|---|---|
| PFXFileName | The path of the PFX (PKCS#12) file to write. |
| PFXPassword | The password protecting the exported PFX file. |
| ValidDays | Validity period in days from now; values below 1 default to 365. |
| KeyBits | RSA key length in bits; values outside 1024..16384 default to 2048. |
Return values
| 0 | The certificate could not be created (empty subject or file name, or a Windows CryptoAPI failure) |
|---|---|
| 1 | Success |