|
Chilkat • HOME • .NET Core C# • Android™ • AutoIt • C • C# • C++ • Chilkat2-Python • CkPython • Classic ASP • DataFlex • Delphi ActiveX • Delphi DLL • Go • Java • Lianja • Mono C# • Node.js • Objective-C • PHP ActiveX • PHP Extension • Perl • PowerBuilder • PowerShell • PureBasic • Ruby • SQL Server • Swift 2 • Swift 3,4,5... • Tcl • Unicode C • Unicode C++ • VB.NET • VBScript • Visual Basic 6.0 • Visual FoxPro • Xojo Plugin
(PureBasic) Import a PFX/P12 into the Windows Certificate StoresDemonstrates how to import the certificates contained in a .pfx/.p12 to the Windows certificate stores.
IncludeFile "CkCertStore.pb" IncludeFile "CkCert.pb" IncludeFile "CkCertChain.pb" Procedure ChilkatExample() primaryCert.i = CkCert::ckCreate() If primaryCert.i = 0 Debug "Failed to create object." ProcedureReturn EndIf ; Load a PFX file into a certificate object. ; The cert object will contain the certificate from the PFX that has a private key. ; The certs in the chain of authentication (if contained in the PFX) are also loaded, ; and can be accessed by getting the certificate chain (see below). ; If the PFX did not include the issuer certs in the chain of authentication, then Chilkat will ; automatically try to construct the issuer chain from the CA and intermedicate CA certs ; already installed on the Windows system. pfxPassword.s = "myPfxPassword" success.i = CkCert::ckLoadPfxFile(primaryCert,"qa_data/pfx/somePfx.p12",pfxPassword) If success = 0 Debug CkCert::ckLastErrorText(primaryCert) CkCert::ckDispose(primaryCert) ProcedureReturn EndIf certChain.i = CkCert::ckGetCertChain(primaryCert) If CkCert::ckLastMethodSuccess(primaryCert) = 0 Debug CkCert::ckLastErrorText(primaryCert) CkCert::ckDispose(primaryCert) ProcedureReturn EndIf ; If the certificate chain reaches the root CA cert, then the last cert in the chain ; is the root CA cert. chainReachesRoot.i = CkCertChain::ckReachesRoot(certChain) If chainReachesRoot = 1 Debug "The certificate chain reaches the root CA cert." EndIf cert.i i.i = 0 numCerts.i = CkCertChain::ckNumCerts(certChain) While i < numCerts cert = CkCertChain::ckGetCert(certChain,i) Debug "SubjectDN " + Str(i) + ": " + CkCert::ckSubjectDN(cert) Debug "IssuerDN " + Str(i) + ": " + CkCert::ckIssuerDN(cert) Debug "--" CkCert::ckDispose(cert) i = i + 1 Wend ; The primary cert having the private key will be imported into the Current User "My" certificate store. ; Any intermediate root certificates will be imported into certificate store for intermediate certificate authorities. ; The root CA cert will be imported into the Root CA cert store. ; Let's open each of these 3 certificate stores.. certStoreCU.i = CkCertStore::ckCreate() If certStoreCU.i = 0 Debug "Failed to create object." ProcedureReturn EndIf certStoreCA.i = CkCertStore::ckCreate() If certStoreCA.i = 0 Debug "Failed to create object." ProcedureReturn EndIf certStoreRootCA.i = CkCertStore::ckCreate() If certStoreRootCA.i = 0 Debug "Failed to create object." ProcedureReturn EndIf readOnlyFlag.i = 0 ; "CurrentUser" and "My" are the exact keywords to select your user account's certificate store. success = CkCertStore::ckOpenWindowsStore(certStoreCU,"CurrentUser","My",readOnlyFlag) If success = 0 Debug "Failed to open the CurrentUser/My certificate store for read/write." CkCertChain::ckDispose(certChain) CkCert::ckDispose(primaryCert) CkCertStore::ckDispose(certStoreCU) CkCertStore::ckDispose(certStoreCA) CkCertStore::ckDispose(certStoreRootCA) ProcedureReturn EndIf ; Certificate store for intermediate certification authorities (CAs). success = CkCertStore::ckOpenWindowsStore(certStoreCA,"CurrentUser","CertificationAuthority",readOnlyFlag) If success = 0 Debug "Failed to open the CurrentUser/CertificationAuthority certificate store for read/write." CkCertChain::ckDispose(certChain) CkCert::ckDispose(primaryCert) CkCertStore::ckDispose(certStoreCU) CkCertStore::ckDispose(certStoreCA) CkCertStore::ckDispose(certStoreRootCA) ProcedureReturn EndIf ; Certificate store for trusted root certification authorities (CAs). success = CkCertStore::ckOpenWindowsStore(certStoreRootCA,"CurrentUser","Root",readOnlyFlag) If success = 0 Debug "Failed to open the CurrentUser/Root certificate store for read/write." CkCertChain::ckDispose(certChain) CkCert::ckDispose(primaryCert) CkCertStore::ckDispose(certStoreCU) CkCertStore::ckDispose(certStoreCA) CkCertStore::ckDispose(certStoreRootCA) ProcedureReturn EndIf ; Iterate over the certs in the chain and import each into the desired certificate store. allSuccess.i = 1 i = 0 While i < numCerts cert = CkCertChain::ckGetCert(certChain,i) If i = 0 ; Import the primary certificate into the CurrentUser/My certificate store. success = CkCertStore::ckAddCertificate(certStoreCU,cert) If success = 0 Debug CkCertStore::ckLastErrorText(certStoreCU) allSuccess = 0 EndIf Else If (i = (numCerts - 1)) AND (chainReachesRoot = 1) ; Add the root CA certificate to the CurrentUser/Root certificate store. ; (Your application can obviously choose whether this should be done or not. Perhaps you prompt the user.) ; Note: If the root CA cert is already present in the Windows certificate store, Windows will display ; a dialog to ask if it should be deleted. Chilkat does not explicitly display dialogs. success = CkCertStore::ckAddCertificate(certStoreRootCA,cert) If success = 0 Debug CkCertStore::ckLastErrorText(certStoreRootCA) allSuccess = 0 EndIf Else ; This is an intermediate CA certificate. success = CkCertStore::ckAddCertificate(certStoreCA,cert) If success = 0 Debug CkCertStore::ckLastErrorText(certStoreCA) allSuccess = 0 EndIf EndIf EndIf If success = 0 Debug "Failed to import certificate." EndIf CkCert::ckDispose(cert) i = i + 1 Wend CkCertChain::ckDispose(certChain) Debug "allSuccess = " + Str(allSuccess) CkCert::ckDispose(primaryCert) CkCertStore::ckDispose(certStoreCU) CkCertStore::ckDispose(certStoreCA) CkCertStore::ckDispose(certStoreRootCA) ProcedureReturn EndProcedure |
||||
© 2000-2024 Chilkat Software, Inc. All Rights Reserved.