Sample code for 30+ languages & platforms
JavaScript

Find Certificate by Email Address

See more Cert Store Examples

Demonstrates how to find a certificate having the specified email address either within the cert's subject email, or the RFC822 name.

In an X.509 certificate, an email address can typically be located in two places:

  1. RFC822 Name (Subject Alternative Name extension) -
    • The certificate may include an email address in the Subject Alternative Name (SAN) extension under the RFC822 Name field. This is a modern and preferred method because it allows for flexibility and alignment with security best practices.
    • To find it, Chilkat inspects the SAN extension in the certificate details.
  2. Subject (Common Name or Email Address attribute) -
    • Older certificates may store the email address directly in the Subject field, typically under the Email Address attribute ("emailAddress") or, less commonly, the Common Name (CN).
    • This method is less preferred in modern standards but can still be encountered in legacy implementations. Chilkat also searches here for the email address.

Note: Requires Chilkat v10.1.2 or later.

Note
This example is intended for running within a Chilkat.Js embedded JavaScript engine. All Chilkat JavaScript examples require Chilkat v11.4.0 or greater.
JavaScript
var success = false;

var certStore = new CkCertStore();

// This opens the Current User certificate store on Windows,
// On MacOS and iOS it opens the default Keychain.
var readOnly = false;
success = certStore.OpenCurrentUserStore(readOnly);
if (success == false) {
    console.log(certStore.LastErrorText);
    return;
}

// Find the certificate having the specified email address in either the RFC822 Name or in the Subject.
var json = new CkJsonObject();
var email_address = "joe@example.com";
json.UpdateString("email",email_address);

var cert = new CkCert();
success = certStore.FindCert(json,cert);
if (success == true) {
    // Show the full distinguished name of the certificate.
    console.log("Found: " + cert.SubjectDN);
}
else {
    console.log("Not found.");
}