Sample code for 30+ languages & platforms
Android™

Get Certificates from .p12 / .pfx

See more PFX/P12 Examples

A PKCS12 (.p12 / .pfx) is a container for holding a certificate, its private key, and the certs in the chain of authentication up to and possibly including the root CA cert. A .p12 is not required to contain certain things. It will contain whatever the creator of the .p12 decided to include. It's possible to contain just a private key, just a cert, many certs without private keys, or many certs with many private keys. Usually, a .p12 contains one certificate, its associated private key, and certificates in the chain of authentication.

Chilkat Android™ Downloads

Android™
// Important: Don't forget to include the call to System.loadLibrary
// as shown at the bottom of this code sample.
package com.test;

import android.app.Activity;
import com.chilkatsoft.*;

import android.widget.TextView;
import android.os.Bundle;

public class SimpleActivity extends Activity {

  private static final String TAG = "Chilkat";

  // Called when the activity is first created.
  @Override
  public void onCreate(Bundle savedInstanceState) {
    super.onCreate(savedInstanceState);

    boolean success = false;

    CkPfx pfx = new CkPfx();

    success = pfx.LoadPfxFile("qa_data/pfx/test.pfx","pfx_password");
    if (success == false) {
        Log.i(TAG, pfx.lastErrorText());
        return;
        }

    // Iterate over the certs contained in the PFX
    CkCert cert = new CkCert();
    int numCerts = pfx.get_NumCerts();
    int i = 0;
    while (i < numCerts) {

        pfx.CertAt(i,cert);

        Log.i(TAG, "--- " + String.valueOf(i) + " ---");
        Log.i(TAG, cert.subjectDN());
        // Is this a root cert, or self-signed?
        Log.i(TAG, "Root: " + String.valueOf(cert.get_IsRoot()));
        Log.i(TAG, "Self-Signed: " + String.valueOf(cert.get_SelfSigned()));

        // If this certificate is not the root (self-signed), then get the issuer.
        // If the issuing certificate is contained in the PFX, then it will be found here..
        if (cert.get_SelfSigned() != true) {
            CkCert issuer = cert.FindIssuer();
            if (cert.get_LastMethodSuccess() == false) {
                Log.i(TAG, "Issuer not found.");
                }
            else {
                Log.i(TAG, "Issuer: " + issuer.subjectDN());

                }

            }

        i = i + 1;
        }

    // Usually, the user certificate is at index 0, its issuer is at index 1, etc. until we get to the root certificate.

  }

  static {
      System.loadLibrary("chilkat");

      // Note: If the incorrect library name is passed to System.loadLibrary,
      // then you will see the following error message at application startup:
      //"The application <your-application-name> has stopped unexpectedly. Please try again."
  }
}