Sample code for 30+ languages & platforms
Perl

Load Particular CA Certs into a Java KeyStore

See more Java KeyStore (JKS) Examples

Opens a PEM file containing many CA root certificates, and creates a Java keystore containing a subset of the certificates.

Chilkat Perl Downloads

Perl
use chilkat();

$success = 0;

# This requires the Chilkat API to have been previously unlocked.
# See Global Unlock Sample for sample code.

$jks = chilkat::CkJavaKeyStore->new();

$troots = chilkat::CkTrustedRoots->new();

# Load certificates from a file.
$success = $troots->LoadCaCertsPem("qa_data/curl_cacert.pem");
if ($success != 1) {
    print $troots->lastErrorText() . "\r\n";
    exit;
}

$sbDn = chilkat::CkStringBuilder->new();
$sbAlias = chilkat::CkStringBuilder->new();
$caseSensitive = 0;

$i = 0;
$numCerts = $troots->get_NumCerts();
$numAdded = 0;
while (($i < $numCerts)) {
    # cacert is a Cert
    $cacert = $troots->GetCert($i);
    $sbDn->Clear();
    $sbDn->Append($cacert->subjectDN());
    if ($sbDn->Contains("Entrust.net",$caseSensitive) == 1) {
        print $cacert->subjectDN() . "\r\n";

        # The alias is an arbitrary unique string for each cert in the JKS.
        $sbAlias->Clear();
        $sbAlias->Append("cacert_");
        $sbAlias->AppendInt($i + 1);
        $jks->AddTrustedCert($cacert,$sbAlias->getAsString());
        $numAdded = $numAdded + 1;
    }

    $i = $i + 1;
}

# Verify the number of certs in the JKS equals the number we added.
$numJksCerts = $jks->get_NumTrustedCerts();
print "NumTrustedCerts = " . $numJksCerts . "\r\n";
if ($numJksCerts != $numAdded) {
    print "Something is amiss!" . "\r\n";
    exit;
}

# Save the JKS.
$success = $jks->ToFile("myPassword","qa_data/jks/entrust_caCerts.jks");
if ($success != 1) {
    print $jks->lastErrorText() . "\r\n";
    exit;
}

print "Success." . "\r\n";

# The output of this program when tested was:

# C=US, O=Entrust.net, OU=www.entrust.net/CPS incorp. by ref. (limits liab.), OU=(c) 1999 Entrust.net Limited, CN=Entrust.net Secure Server Certification Authority
# O=Entrust.net, OU=www.entrust.net/CPS_2048 incorp. by ref. (limits liab.), OU=(c) 1999 Entrust.net Limited, CN=Entrust.net Certification Authority (2048)
# C=US, O="Entrust, Inc.", OU=www.entrust.net/CPS is incorporated by reference, OU="(c) 2006 Entrust, Inc.", CN=Entrust Root Certification Authority
# NumTrustedCerts = 3
# Success.