XmlCertVault PHP ActiveX Reference Documentation

XmlCertVault

Current Version: 11.5.0

Chilkat.XmlCertVault

Collect certificates, certificate chains, PEM data, and PFX private keys in an XML vault.

Chilkat.XmlCertVault stores certificates and private-key material in a portable XML-based certificate vault. It can add individual certificates, certificate chains, DER or encoded certificates, PEM files, certificate strings, and PFX/PKCS12 data from files, memory, encoded text, or existing Chilkat objects. The vault can then be exported as XML, loaded from XML, or saved to an XML file for later reuse by other Chilkat certificate and TLS workflows.

Add certificates

Add certificates from Cert objects, files, PEM strings, binary DER bytes, or encoded data such as Base64 or hex.

Add certificate chains

Import an entire CertChain when related issuer and intermediate certificates should be kept together in the vault.

Add PEM content

Load PEM files containing one or more certificates and/or private keys, including encrypted PEM content when a password is supplied.

Add PFX / PKCS12

Add PFX data from a Pfx object, file, byte array, or encoded string, using the PFX password to import private-key material.

Master password protection

Use MasterPassword to protect access to private keys stored in the vault.

Load and save XML

Export the vault with GetXml, load it with LoadXml or LoadXmlFile, and persist it with SaveXml.

Common pattern: Create an XmlCertVault, set MasterPassword when the vault will contain private keys, add certificates or PFX/PEM material, then save the vault with SaveXml or keep the XML string from GetXml. Later, reload the same vault with LoadXml or LoadXmlFile and provide the same master password before using private keys.
Security note: Certificates are stored unencrypted, but private keys are stored using 256-bit AES encryption. The individual PFX passwords are also stored encrypted with the vault's MasterPassword, which is required to access any private keys contained in the XML vault.

Object Creation

Chilkat v10.0.0 or greater:
$obj = new COM("Chilkat.XmlCertVault");
Chilkat v9.5.0.*:
$obj = new COM("Chilkat_9_5_0.XmlCertVault");

Properties

DebugLogFilePath
string DebugLogFilePath

If set to a file path, this property logs the LastErrorText of each Chilkat method or property call to the specified file. This logging helps identify the context and history of Chilkat calls leading up to any crash or hang, aiding in debugging.

Enabling the VerboseLogging property provides more detailed information. This property is mainly used for debugging rare instances where a Chilkat method call causes a hang or crash, which should generally not happen.

Possible causes of hangs include:

  • A timeout property set to 0, indicating an infinite timeout.
  • A hang occurring within an event callback in the application code.
  • An internal bug in the Chilkat code causing the hang.

More Information and Examples
top
LastBinaryResult
VARIANT LastBinaryResult (read-only)

This property is mainly used in SQL Server stored procedures to retrieve binary data from the last method call that returned binary data. It is only accessible if Chilkat.Global.KeepBinaryResult is set to true. This feature allows for the retrieval of large varbinary results in an SQL Server environment, which has restrictions on returning large data via method calls, though temp tables can handle binary properties.

top
LastErrorHtml
string LastErrorHtml (read-only)

Provides HTML-formatted information about the last called method or property. If a method call fails or behaves unexpectedly, check this property for details. Note that information is available regardless of the method call's success.

top
LastErrorText
string LastErrorText (read-only)

Provides plain text information about the last called method or property. If a method call fails or behaves unexpectedly, check this property for details. Note that information is available regardless of the method call's success.

top
LastErrorXml
string LastErrorXml (read-only)

Provides XML-formatted information about the last called method or property. If a method call fails or behaves unexpectedly, check this property for details. Note that information is available regardless of the method call's success.

top
LastMethodSuccess
bool LastMethodSuccess

Indicates the success or failure of the most recent method call: true means success, false means failure. This property remains unchanged by property setters or getters. This method is present to address challenges in checking for null or Nothing returns in certain programming languages. Note: This property does not apply to methods that return integer values or to boolean-returning methods where the boolean does not indicate success or failure.

top
LastStringResult
string LastStringResult (read-only)

In SQL Server stored procedures, this property holds the string return value of the most recent method call that returns a string. It is accessible only when Chilkat.Global.KeepStringResult is set to TRUE. SQL Server has limitations on string lengths returned from methods and properties, but temp tables can be used to access large strings.

top
LastStringResultLen
int LastStringResultLen (read-only)

The length, in characters, of the string contained in the LastStringResult property.

top
MasterPassword
string MasterPassword
Introduced in version 9.5.0.40

The master password for the vault. Certificates are stored unencrypted, but private keys are stored 256-bit AES encrypted using the individual PFX passwords. The PFX passwords are stored 256-bit AES encrypted using the master password. The master password is required to acces any of the private keys stored within the XML vault.

top
VerboseLogging
bool VerboseLogging

If set to true, then the contents of LastErrorText (or LastErrorXml, or LastErrorHtml) may contain more verbose information. The default value is false. Verbose logging should only be used for debugging. The potentially large quantity of logged information may adversely affect peformance.

top
Version
string Version (read-only)

Version of the component/library, such as "10.1.0"

More Information and Examples
top

Methods

AddCert
bool AddCert(Chilkat.Cert cert)
Introduced in version 9.5.0.40

Adds a certificate to the XML vault.

Returns true for success, false for failure.

top
AddCertBinary
bool AddCertBinary(VARIANT certBytes)
Introduced in version 9.5.0.40

Adds a certificate to the XML vault from any binary format, such as DER.

Returns true for success, false for failure.

top
AddCertChain
bool AddCertChain(Chilkat.CertChain certChain)
Introduced in version 9.5.0.40

Adds a chain of certificates to the XML vault.

Returns true for success, false for failure.

top
AddCertEncoded
bool AddCertEncoded(string encodedBytes, string encoding)
Introduced in version 9.5.0.40

Adds a certificate to the XML vault where certificate is passed directly from encoded bytes (such as Base64, Hex, etc.). The encoding is indicated by encoding.

Returns true for success, false for failure.

top
AddCertFile
bool AddCertFile(string path)
Introduced in version 9.5.0.40

Adds a certificate to the XML vault.

Returns true for success, false for failure.

top
AddCertString
bool AddCertString(string certData)
Introduced in version 9.5.0.40

Adds a certificate from any string representation format such as PEM.

Returns true for success, false for failure.

top
AddPemFile
bool AddPemFile(string path, string password)
Introduced in version 9.5.0.40

Adds the contents of a PEM file to the XML vault. The PEM file may be encrypted, and it may contain one or more certificates and/or private keys. The password is optional and only required if the PEM file contains encrypted content that requires a password.

Returns true for success, false for failure.

top
AddPfx
bool AddPfx(Chilkat.Pfx pfx)
Introduced in version 9.5.0.40

Adds a PFX (PKCS12) to the XML vault.

Returns true for success, false for failure.

top
AddPfxBinary
bool AddPfxBinary(VARIANT pfxBytes, string password)
Introduced in version 9.5.0.40

Adds a PFX to the XML vault where PFX is passed directly from in-memory binary bytes.

Returns true for success, false for failure.

top
AddPfxEncoded
bool AddPfxEncoded(string encodedBytes, string encoding, string password)

Adds a PFX to the XML vault where PFX is passed directly from encoded bytes (such as Base64, Hex, etc.). The encoding is indicated by encoding.

Returns true for success, false for failure.

top
AddPfxFile
bool AddPfxFile(string path, string password)
Introduced in version 9.5.0.40

Adds a PFX file to the XML vault.

Returns true for success, false for failure.

top
GetXml
string GetXml()
Introduced in version 9.5.0.40

Returns the contents of the cert vault as an XML string.

Returns null on failure

top
LoadXml
bool LoadXml(string xml)
Introduced in version 9.5.0.40

Loads from an XML string.

Returns true for success, false for failure.

top
LoadXmlFile
bool LoadXmlFile(string path)
Introduced in version 9.5.0.40

Loads from an XML file.

Returns true for success, false for failure.

top
SaveXml
bool SaveXml(string path)
Introduced in version 9.5.0.40

Saves the contents to an XML file.

Returns true for success, false for failure.

top