Sample code for 30+ languages & platforms
DataFlex

Use a Custom Set of Trusted Root Certificates

See more Certificates Examples

Demonstrates how to build a set of trusted root certificates to be used globally by all Chilkat classes.

Chilkat DataFlex Downloads

DataFlex
Use ChilkatAx-win32.pkg

Procedure Test
    Boolean iSuccess
    Handle hoTrustedRoots
    Handle hoZip
    Variant vEntry
    Handle hoEntry
    String sPemStr
    Variant vCert
    Handle hoCert
    String sPattern
    Boolean iBHasMoreEntries
    String sTemp1

    Move False To iSuccess

    // This example requires the Chilkat API to have been previously unlocked.
    // See Global Unlock Sample for sample code.

    Get Create (RefClass(cComChilkatTrustedRoots)) To hoTrustedRoots
    If (Not(IsComObjectCreated(hoTrustedRoots))) Begin
        Send CreateComObject of hoTrustedRoots
    End

    //  Indicate that we will NOT trust any pre-installed certificates on the system.
    Set ComTrustSystemCaRoots Of hoTrustedRoots To False

    // Thawte is a certificate authority that provides a .zip download of their
    // root CA certificates:  https://www.thawte.com/roots/index.html
    // The direct download link is: https://www.verisign.com/support/thawte-roots.zip
    // Note: The above URLs are valid at the time of writing this example (29-May-2015).

    // Assuming the .zip has already been downloaded, open it and load each .pem file into
    // our trusted roots object.
    Get Create (RefClass(cComChilkatZip)) To hoZip
    If (Not(IsComObjectCreated(hoZip))) Begin
        Send CreateComObject of hoZip
    End

    // Open a .zip containing PEM files, among other things..
    Get ComOpenZip Of hoZip "qa_data/certs/thawte-roots.zip" To iSuccess
    If (iSuccess = False) Begin
        Get ComLastErrorText Of hoZip To sTemp1
        Showln sTemp1
        Procedure_Return
    End

    Get Create (RefClass(cComChilkatZipEntry)) To hoEntry
    If (Not(IsComObjectCreated(hoEntry))) Begin
        Send CreateComObject of hoEntry
    End

    Get Create (RefClass(cComChilkatCert)) To hoCert
    If (Not(IsComObjectCreated(hoCert))) Begin
        Send CreateComObject of hoCert
    End

    Move "*.pem" To sPattern
    Get pvComObject of hoEntry to vEntry
    Get ComEntryMatching Of hoZip sPattern vEntry To iBHasMoreEntries
    While (iBHasMoreEntries = True)

        Get ComFileName Of hoEntry To sTemp1
        Showln "Entry: " sTemp1

        // Get the PEM of the CA cert:
        Get ComUnzipToString Of hoEntry 0 "utf-8" To sPemStr

        // Load it into a certificate object:
        Get ComLoadPem Of hoCert sPemStr To iSuccess
        If (iSuccess <> True) Begin
            Get ComLastErrorText Of hoCert To sTemp1
            Showln sTemp1
        End

        // Add it to the trusted roots.
        Get pvComObject of hoCert to vCert
        Get ComAddCert Of hoTrustedRoots vCert To iSuccess

        Get ComGetNextMatch Of hoEntry sPattern To iBHasMoreEntries
    Loop

    //  Activate the trusted roots globally for all Chilkat objects.
    //  This call really shouldn't fail, so we're not checking the return value.
    Get ComActivate Of hoTrustedRoots To iSuccess


End_Procedure