|
Chilkat • HOME • .NET Core C# • Android™ • AutoIt • C • C# • C++ • Chilkat2-Python • CkPython • Classic ASP • DataFlex • Delphi ActiveX • Delphi DLL • Go • Java • Lianja • Mono C# • Node.js • Objective-C • PHP ActiveX • PHP Extension • Perl • PowerBuilder • PowerShell • PureBasic • Ruby • SQL Server • Swift 2 • Swift 3,4,5... • Tcl • Unicode C • Unicode C++ • VB.NET • VBScript • Visual Basic 6.0 • Visual FoxPro • Xojo Plugin
(C) Import a PFX/P12 into the Windows Certificate StoresDemonstrates how to import the certificates contained in a .pfx/.p12 to the Windows certificate stores.
#include <C_CkCert.h> #include <C_CkCertChain.h> #include <C_CkCertStore.h> void ChilkatSample(void) { HCkCert primaryCert; const char *pfxPassword; BOOL success; HCkCertChain certChain; BOOL chainReachesRoot; HCkCert cert; int i; int numCerts; HCkCertStore certStoreCU; HCkCertStore certStoreCA; HCkCertStore certStoreRootCA; BOOL readOnlyFlag; BOOL allSuccess; primaryCert = CkCert_Create(); // Load a PFX file into a certificate object. // The cert object will contain the certificate from the PFX that has a private key. // The certs in the chain of authentication (if contained in the PFX) are also loaded, // and can be accessed by getting the certificate chain (see below). // If the PFX did not include the issuer certs in the chain of authentication, then Chilkat will // automatically try to construct the issuer chain from the CA and intermedicate CA certs // already installed on the Windows system. pfxPassword = "myPfxPassword"; success = CkCert_LoadPfxFile(primaryCert,"qa_data/pfx/somePfx.p12",pfxPassword); if (success == FALSE) { printf("%s\n",CkCert_lastErrorText(primaryCert)); CkCert_Dispose(primaryCert); return; } certChain = CkCert_GetCertChain(primaryCert); if (CkCert_getLastMethodSuccess(primaryCert) == FALSE) { printf("%s\n",CkCert_lastErrorText(primaryCert)); CkCert_Dispose(primaryCert); return; } // If the certificate chain reaches the root CA cert, then the last cert in the chain // is the root CA cert. chainReachesRoot = CkCertChain_getReachesRoot(certChain); if (chainReachesRoot == TRUE) { printf("The certificate chain reaches the root CA cert.\n"); } i = 0; numCerts = CkCertChain_getNumCerts(certChain); while (i < numCerts) { cert = CkCertChain_GetCert(certChain,i); printf("SubjectDN %d: %s\n",i,CkCert_subjectDN(cert)); printf("IssuerDN %d: %s\n",i,CkCert_issuerDN(cert)); printf("--\n"); CkCert_Dispose(cert); i = i + 1; } // The primary cert having the private key will be imported into the Current User "My" certificate store. // Any intermediate root certificates will be imported into certificate store for intermediate certificate authorities. // The root CA cert will be imported into the Root CA cert store. // Let's open each of these 3 certificate stores.. certStoreCU = CkCertStore_Create(); certStoreCA = CkCertStore_Create(); certStoreRootCA = CkCertStore_Create(); readOnlyFlag = FALSE; // "CurrentUser" and "My" are the exact keywords to select your user account's certificate store. success = CkCertStore_OpenWindowsStore(certStoreCU,"CurrentUser","My",readOnlyFlag); if (success == FALSE) { printf("Failed to open the CurrentUser/My certificate store for read/write.\n"); CkCertChain_Dispose(certChain); CkCert_Dispose(primaryCert); CkCertStore_Dispose(certStoreCU); CkCertStore_Dispose(certStoreCA); CkCertStore_Dispose(certStoreRootCA); return; } // Certificate store for intermediate certification authorities (CAs). success = CkCertStore_OpenWindowsStore(certStoreCA,"CurrentUser","CertificationAuthority",readOnlyFlag); if (success == FALSE) { printf("Failed to open the CurrentUser/CertificationAuthority certificate store for read/write.\n"); CkCertChain_Dispose(certChain); CkCert_Dispose(primaryCert); CkCertStore_Dispose(certStoreCU); CkCertStore_Dispose(certStoreCA); CkCertStore_Dispose(certStoreRootCA); return; } // Certificate store for trusted root certification authorities (CAs). success = CkCertStore_OpenWindowsStore(certStoreRootCA,"CurrentUser","Root",readOnlyFlag); if (success == FALSE) { printf("Failed to open the CurrentUser/Root certificate store for read/write.\n"); CkCertChain_Dispose(certChain); CkCert_Dispose(primaryCert); CkCertStore_Dispose(certStoreCU); CkCertStore_Dispose(certStoreCA); CkCertStore_Dispose(certStoreRootCA); return; } // Iterate over the certs in the chain and import each into the desired certificate store. allSuccess = TRUE; i = 0; while (i < numCerts) { cert = CkCertChain_GetCert(certChain,i); if (i == 0) { // Import the primary certificate into the CurrentUser/My certificate store. success = CkCertStore_AddCertificate(certStoreCU,cert); if (success == FALSE) { printf("%s\n",CkCertStore_lastErrorText(certStoreCU)); allSuccess = FALSE; } } else { if ((i == (numCerts - 1)) && (chainReachesRoot == TRUE)) { // Add the root CA certificate to the CurrentUser/Root certificate store. // (Your application can obviously choose whether this should be done or not. Perhaps you prompt the user.) // Note: If the root CA cert is already present in the Windows certificate store, Windows will display // a dialog to ask if it should be deleted. Chilkat does not explicitly display dialogs. success = CkCertStore_AddCertificate(certStoreRootCA,cert); if (success == FALSE) { printf("%s\n",CkCertStore_lastErrorText(certStoreRootCA)); allSuccess = FALSE; } } else { // This is an intermediate CA certificate. success = CkCertStore_AddCertificate(certStoreCA,cert); if (success == FALSE) { printf("%s\n",CkCertStore_lastErrorText(certStoreCA)); allSuccess = FALSE; } } } if (success == FALSE) { printf("Failed to import certificate.\n"); } CkCert_Dispose(cert); i = i + 1; } CkCertChain_Dispose(certChain); printf("allSuccess = %d\n",allSuccess); CkCert_Dispose(primaryCert); CkCertStore_Dispose(certStoreCU); CkCertStore_Dispose(certStoreCA); CkCertStore_Dispose(certStoreRootCA); } |
|||||||
© 2000-2024 Chilkat Software, Inc. All Rights Reserved.