|
Chilkat • HOME • Android™ • Classic ASP • C • C++ • C# • Mono C# • .NET Core C# • C# UWP/WinRT • DataFlex • Delphi ActiveX • Delphi DLL • Visual FoxPro • Java • Lianja • MFC • Objective-C • Perl • PHP ActiveX • PHP Extension • PowerBuilder • PowerShell • PureBasic • CkPython • Chilkat2-Python • Ruby • SQL Server • Swift 2 • Swift 3,4,5... • Tcl • Unicode C • Unicode C++ • Visual Basic 6.0 • VB.NET • VB.NET UWP/WinRT • VBScript • Xojo Plugin • Node.js • Excel • Go
(MFC) Import a PFX/P12 into the Windows Certificate StoresDemonstrates how to import the certificates contained in a .pfx/.p12 to the Windows certificate stores.
#include <CkCert.h> #include <CkCertChain.h> #include <CkCertStore.h> void ChilkatSample(void) { CkString strOut; CkCert primaryCert; // Load a PFX file into a certificate object. // The cert object will contain the certificate from the PFX that has a private key. // The certs in the chain of authentication (if contained in the PFX) are also loaded, // and can be accessed by getting the certificate chain (see below). // If the PFX did not include the issuer certs in the chain of authentication, then Chilkat will // automatically try to construct the issuer chain from the CA and intermedicate CA certs // already installed on the Windows system. const char *pfxPassword = "myPfxPassword"; bool success = primaryCert.LoadPfxFile("qa_data/pfx/somePfx.p12",pfxPassword); if (success == false) { strOut.append(primaryCert.lastErrorText()); strOut.append("\r\n"); SetDlgItemText(IDC_EDIT1,strOut.getUnicode()); return; } CkCertChain *certChain = primaryCert.GetCertChain(); if (primaryCert.get_LastMethodSuccess() == false) { strOut.append(primaryCert.lastErrorText()); strOut.append("\r\n"); SetDlgItemText(IDC_EDIT1,strOut.getUnicode()); return; } // If the certificate chain reaches the root CA cert, then the last cert in the chain // is the root CA cert. bool chainReachesRoot = certChain->get_ReachesRoot(); if (chainReachesRoot == true) { strOut.append("The certificate chain reaches the root CA cert."); strOut.append("\r\n"); } CkCert *cert = 0; int i = 0; int numCerts = certChain->get_NumCerts(); while (i < numCerts) { cert = certChain->GetCert(i); strOut.append("SubjectDN "); strOut.appendInt(i); strOut.append(": "); strOut.append(cert->subjectDN()); strOut.append("\r\n"); strOut.append("IssuerDN "); strOut.appendInt(i); strOut.append(": "); strOut.append(cert->issuerDN()); strOut.append("\r\n"); strOut.append("--"); strOut.append("\r\n"); delete cert; i = i + 1; } // The primary cert having the private key will be imported into the Current User "My" certificate store. // Any intermediate root certificates will be imported into certificate store for intermediate certificate authorities. // The root CA cert will be imported into the Root CA cert store. // Let's open each of these 3 certificate stores.. CkCertStore certStoreCU; CkCertStore certStoreCA; CkCertStore certStoreRootCA; bool readOnlyFlag = false; // "CurrentUser" and "My" are the exact keywords to select your user account's certificate store. success = certStoreCU.OpenWindowsStore("CurrentUser","My",readOnlyFlag); if (success == false) { strOut.append("Failed to open the CurrentUser/My certificate store for read/write."); strOut.append("\r\n"); delete certChain; SetDlgItemText(IDC_EDIT1,strOut.getUnicode()); return; } // Certificate store for intermediate certification authorities (CAs). success = certStoreCA.OpenWindowsStore("CurrentUser","CertificationAuthority",readOnlyFlag); if (success == false) { strOut.append("Failed to open the CurrentUser/CertificationAuthority certificate store for read/write."); strOut.append("\r\n"); delete certChain; SetDlgItemText(IDC_EDIT1,strOut.getUnicode()); return; } // Certificate store for trusted root certification authorities (CAs). success = certStoreRootCA.OpenWindowsStore("CurrentUser","Root",readOnlyFlag); if (success == false) { strOut.append("Failed to open the CurrentUser/Root certificate store for read/write."); strOut.append("\r\n"); delete certChain; SetDlgItemText(IDC_EDIT1,strOut.getUnicode()); return; } // Iterate over the certs in the chain and import each into the desired certificate store. bool allSuccess = true; i = 0; while (i < numCerts) { cert = certChain->GetCert(i); if (i == 0) { // Import the primary certificate into the CurrentUser/My certificate store. success = certStoreCU.AddCertificate(*cert); if (success == false) { strOut.append(certStoreCU.lastErrorText()); strOut.append("\r\n"); allSuccess = false; } } else { if ((i == (numCerts - 1)) && (chainReachesRoot == true)) { // Add the root CA certificate to the CurrentUser/Root certificate store. // (Your application can obviously choose whether this should be done or not. Perhaps you prompt the user.) // Note: If the root CA cert is already present in the Windows certificate store, Windows will display // a dialog to ask if it should be deleted. Chilkat does not explicitly display dialogs. success = certStoreRootCA.AddCertificate(*cert); if (success == false) { strOut.append(certStoreRootCA.lastErrorText()); strOut.append("\r\n"); allSuccess = false; } } else { // This is an intermediate CA certificate. success = certStoreCA.AddCertificate(*cert); if (success == false) { strOut.append(certStoreCA.lastErrorText()); strOut.append("\r\n"); allSuccess = false; } } } if (success == false) { strOut.append("Failed to import certificate."); strOut.append("\r\n"); } delete cert; i = i + 1; } delete certChain; strOut.append("allSuccess = "); strOut.appendInt(allSuccess); strOut.append("\r\n"); SetDlgItemText(IDC_EDIT1,strOut.getUnicode()); } |
||||
© 2000-2022 Chilkat Software, Inc. All Rights Reserved.