Chilkat HOME .NET Core C# Android™ AutoIt C C# C++ Chilkat2-Python CkPython Classic ASP DataFlex Delphi ActiveX Delphi DLL Go Java Lianja Mono C# Node.js Objective-C PHP ActiveX PHP Extension Perl PowerBuilder PowerShell PureBasic Ruby SQL Server Swift 2 Swift 3,4,5... Tcl Unicode C Unicode C++ VB.NET VBScript Visual Basic 6.0 Visual FoxPro Xojo Plugin
(PHP Extension) Import a PFX/P12 into the Windows Certificate StoresDemonstrates how to import the certificates contained in a .pfx/.p12 to the Windows certificate stores.
<?php // The version number (9_5_0) should match version of the Chilkat extension used, omitting the micro-version number. // For example, if using Chilkat v9.5.0.48, then include as shown here: include("chilkat_9_5_0.php"); $primaryCert = new CkCert(); // Load a PFX file into a certificate object. // The cert object will contain the certificate from the PFX that has a private key. // The certs in the chain of authentication (if contained in the PFX) are also loaded, // and can be accessed by getting the certificate chain (see below). // If the PFX did not include the issuer certs in the chain of authentication, then Chilkat will // automatically try to construct the issuer chain from the CA and intermedicate CA certs // already installed on the Windows system. $pfxPassword = 'myPfxPassword'; $success = $primaryCert->LoadPfxFile('qa_data/pfx/somePfx.p12',$pfxPassword); if ($success == false) { print $primaryCert->lastErrorText() . "\n"; exit; } // certChain is a CkCertChain $certChain = $primaryCert->GetCertChain(); if ($primaryCert->get_LastMethodSuccess() == false) { print $primaryCert->lastErrorText() . "\n"; exit; } // If the certificate chain reaches the root CA cert, then the last cert in the chain // is the root CA cert. $chainReachesRoot = $certChain->get_ReachesRoot(); if ($chainReachesRoot == true) { print 'The certificate chain reaches the root CA cert.' . "\n"; } $i = 0; $numCerts = $certChain->get_NumCerts(); while ($i < $numCerts) { // cert is a CkCert $cert = $certChain->GetCert($i); print 'SubjectDN ' . $i . ': ' . $cert->subjectDN() . "\n"; print 'IssuerDN ' . $i . ': ' . $cert->issuerDN() . "\n"; print '--' . "\n"; $i = $i + 1; } // The primary cert having the private key will be imported into the Current User "My" certificate store. // Any intermediate root certificates will be imported into certificate store for intermediate certificate authorities. // The root CA cert will be imported into the Root CA cert store. // Let's open each of these 3 certificate stores.. $certStoreCU = new CkCertStore(); $certStoreCA = new CkCertStore(); $certStoreRootCA = new CkCertStore(); $readOnlyFlag = false; // "CurrentUser" and "My" are the exact keywords to select your user account's certificate store. $success = $certStoreCU->OpenWindowsStore('CurrentUser','My',$readOnlyFlag); if ($success == false) { print 'Failed to open the CurrentUser/My certificate store for read/write.' . "\n"; exit; } // Certificate store for intermediate certification authorities (CAs). $success = $certStoreCA->OpenWindowsStore('CurrentUser','CertificationAuthority',$readOnlyFlag); if ($success == false) { print 'Failed to open the CurrentUser/CertificationAuthority certificate store for read/write.' . "\n"; exit; } // Certificate store for trusted root certification authorities (CAs). $success = $certStoreRootCA->OpenWindowsStore('CurrentUser','Root',$readOnlyFlag); if ($success == false) { print 'Failed to open the CurrentUser/Root certificate store for read/write.' . "\n"; exit; } // Iterate over the certs in the chain and import each into the desired certificate store. $allSuccess = true; $i = 0; while ($i < $numCerts) { // cert is a CkCert $cert = $certChain->GetCert($i); if ($i == 0) { // Import the primary certificate into the CurrentUser/My certificate store. $success = $certStoreCU->AddCertificate($cert); if ($success == false) { print $certStoreCU->lastErrorText() . "\n"; $allSuccess = false; } } else { if (($i == ($numCerts - 1)) and ($chainReachesRoot == true)) { // Add the root CA certificate to the CurrentUser/Root certificate store. // (Your application can obviously choose whether this should be done or not. Perhaps you prompt the user.) // Note: If the root CA cert is already present in the Windows certificate store, Windows will display // a dialog to ask if it should be deleted. Chilkat does not explicitly display dialogs. $success = $certStoreRootCA->AddCertificate($cert); if ($success == false) { print $certStoreRootCA->lastErrorText() . "\n"; $allSuccess = false; } } else { // This is an intermediate CA certificate. $success = $certStoreCA->AddCertificate($cert); if ($success == false) { print $certStoreCA->lastErrorText() . "\n"; $allSuccess = false; } } } if ($success == false) { print 'Failed to import certificate.' . "\n"; } $i = $i + 1; } print 'allSuccess = ' . $allSuccess . "\n"; ?> |
© 2000-2024 Chilkat Software, Inc. All Rights Reserved.