(DataFlex) Load Particular CA Certs into a Java KeyStore

Opens a PEM file containing many CA root certificates, and creates a Java keystore containing a subset of the certificates.

Chilkat ActiveX Downloads ActiveX for 32-bit and 64-bit Windows

Use ChilkatAx-win32.pkg

Procedure Test
    Handle hoJks
    Handle hoTroots
    Boolean iSuccess
    Handle hoSbDn
    Handle hoSbAlias
    Boolean iCaseSensitive
    Integer i
    Integer iNumCerts
    Integer iNumAdded
    Variant vCacert
    Handle hoCacert
    Integer iNumJksCerts
    String sTemp1
    Boolean bTemp1

    // This requires the Chilkat API to have been previously unlocked.
    // See Global Unlock Sample for sample code.

    Get Create (RefClass(cComChilkatJavaKeyStore)) To hoJks
    If (Not(IsComObjectCreated(hoJks))) Begin
        Send CreateComObject of hoJks
    End

    Get Create (RefClass(cComChilkatTrustedRoots)) To hoTroots
    If (Not(IsComObjectCreated(hoTroots))) Begin
        Send CreateComObject of hoTroots
    End

    // Load certificates from a file.
    Get ComLoadCaCertsPem Of hoTroots "qa_data/curl_cacert.pem" To iSuccess
    If (iSuccess <> True) Begin
        Get ComLastErrorText Of hoTroots To sTemp1
        Showln sTemp1
        Procedure_Return
    End

    Get Create (RefClass(cComChilkatStringBuilder)) To hoSbDn
    If (Not(IsComObjectCreated(hoSbDn))) Begin
        Send CreateComObject of hoSbDn
    End
    Get Create (RefClass(cComChilkatStringBuilder)) To hoSbAlias
    If (Not(IsComObjectCreated(hoSbAlias))) Begin
        Send CreateComObject of hoSbAlias
    End
    Move False To iCaseSensitive

    Move 0 To i
    Get ComNumCerts Of hoTroots To iNumCerts
    Move 0 To iNumAdded
    While (i < iNumCerts)
        Get ComGetCert Of hoTroots i To vCacert
        If (IsComObject(vCacert)) Begin
            Get Create (RefClass(cComChilkatCert)) To hoCacert
            Set pvComObject Of hoCacert To vCacert
        End
        Send ComClear To hoSbDn
        Get ComSubjectDN Of hoCacert To sTemp1
        Get ComAppend Of hoSbDn sTemp1 To iSuccess
        Get ComContains Of hoSbDn "Entrust.net" iCaseSensitive To bTemp1
        If (bTemp1 = True) Begin
            Get ComSubjectDN Of hoCacert To sTemp1
            Showln sTemp1

            // The alias is an arbitrary unique string for each cert in the JKS.
            Send ComClear To hoSbAlias
            Get ComAppend Of hoSbAlias "cacert_" To iSuccess
            Get ComAppendInt Of hoSbAlias (i + 1) To iSuccess
            Get ComGetAsString Of hoSbAlias To sTemp1
            Get ComAddTrustedCert Of hoJks vCacert sTemp1 To iSuccess
            Move (iNumAdded + 1) To iNumAdded
        End

        Send Destroy of hoCacert
        Move (i + 1) To i
    Loop

    // Verify the number of certs in the JKS equals the number we added.
    Get ComNumTrustedCerts Of hoJks To iNumJksCerts
    Showln "NumTrustedCerts = " iNumJksCerts
    If (iNumJksCerts <> iNumAdded) Begin
        Showln "Something is amiss!"
        Procedure_Return
    End

    // Save the JKS.
    Get ComToFile Of hoJks "myPassword" "qa_data/jks/entrust_caCerts.jks" To iSuccess
    If (iSuccess <> True) Begin
        Get ComLastErrorText Of hoJks To sTemp1
        Showln sTemp1
        Procedure_Return
    End

    Showln "Success."

    // The output of this program when tested was:

    // C=US, O=Entrust.net, OU=www.entrust.net/CPS incorp. by ref. (limits liab.), OU=(c) 1999 Entrust.net Limited, CN=Entrust.net Secure Server Certification Authority
    // O=Entrust.net, OU=www.entrust.net/CPS_2048 incorp. by ref. (limits liab.), OU=(c) 1999 Entrust.net Limited, CN=Entrust.net Certification Authority (2048)
    // C=US, O="Entrust, Inc.", OU=www.entrust.net/CPS is incorporated by reference, OU="(c) 2006 Entrust, Inc.", CN=Entrust Root Certification Authority
    // NumTrustedCerts = 3
    // Success.


End_Procedure