Sample code for 30+ languages & platforms
SQL Server

Load Particular CA Certs into a Java KeyStore

See more Java KeyStore (JKS) Examples

Opens a PEM file containing many CA root certificates, and creates a Java keystore containing a subset of the certificates.

Chilkat SQL Server Downloads

SQL Server
-- Important: See this note about string length limitations for strings returned by sp_OAMethod calls.
--
CREATE PROCEDURE ChilkatSample
AS
BEGIN
    DECLARE @hr int
    DECLARE @iTmp0 int
    -- Important: Do not use nvarchar(max).  See the warning about using nvarchar(max).
    DECLARE @sTmp0 nvarchar(4000)
    DECLARE @success int
    SELECT @success = 0

    -- This requires the Chilkat API to have been previously unlocked.
    -- See Global Unlock Sample for sample code.

    DECLARE @jks int
    EXEC @hr = sp_OACreate 'Chilkat.JavaKeyStore', @jks OUT
    IF @hr <> 0
    BEGIN
        PRINT 'Failed to create ActiveX component'
        RETURN
    END

    DECLARE @troots int
    EXEC @hr = sp_OACreate 'Chilkat.TrustedRoots', @troots OUT

    -- Load certificates from a file.
    EXEC sp_OAMethod @troots, 'LoadCaCertsPem', @success OUT, 'qa_data/curl_cacert.pem'
    IF @success <> 1
      BEGIN
        EXEC sp_OAGetProperty @troots, 'LastErrorText', @sTmp0 OUT
        PRINT @sTmp0
        EXEC @hr = sp_OADestroy @jks
        EXEC @hr = sp_OADestroy @troots
        RETURN
      END

    DECLARE @sbDn int
    EXEC @hr = sp_OACreate 'Chilkat.StringBuilder', @sbDn OUT

    DECLARE @sbAlias int
    EXEC @hr = sp_OACreate 'Chilkat.StringBuilder', @sbAlias OUT

    DECLARE @caseSensitive int
    SELECT @caseSensitive = 0

    DECLARE @i int
    SELECT @i = 0
    DECLARE @numCerts int
    EXEC sp_OAGetProperty @troots, 'NumCerts', @numCerts OUT
    DECLARE @numAdded int
    SELECT @numAdded = 0
    WHILE (@i < @numCerts)
      BEGIN
        DECLARE @cacert int
        EXEC sp_OAMethod @troots, 'GetCert', @cacert OUT, @i
        EXEC sp_OAMethod @sbDn, 'Clear', NULL
        EXEC sp_OAGetProperty @cacert, 'SubjectDN', @sTmp0 OUT
        EXEC sp_OAMethod @sbDn, 'Append', @success OUT, @sTmp0
        EXEC sp_OAMethod @sbDn, 'Contains', @iTmp0 OUT, 'Entrust.net', @caseSensitive
        IF @iTmp0 = 1
          BEGIN
            EXEC sp_OAGetProperty @cacert, 'SubjectDN', @sTmp0 OUT
            PRINT @sTmp0

            -- The alias is an arbitrary unique string for each cert in the JKS.
            EXEC sp_OAMethod @sbAlias, 'Clear', NULL
            EXEC sp_OAMethod @sbAlias, 'Append', @success OUT, 'cacert_'
            EXEC sp_OAMethod @sbAlias, 'AppendInt', @success OUT, @i + 1
            EXEC sp_OAMethod @sbAlias, 'GetAsString', @sTmp0 OUT
            EXEC sp_OAMethod @jks, 'AddTrustedCert', @success OUT, @cacert, @sTmp0
            SELECT @numAdded = @numAdded + 1
          END
        EXEC @hr = sp_OADestroy @cacert

        SELECT @i = @i + 1
      END

    -- Verify the number of certs in the JKS equals the number we added.
    DECLARE @numJksCerts int
    EXEC sp_OAGetProperty @jks, 'NumTrustedCerts', @numJksCerts OUT

    PRINT 'NumTrustedCerts = ' + @numJksCerts
    IF @numJksCerts <> @numAdded
      BEGIN

        PRINT 'Something is amiss!'
        EXEC @hr = sp_OADestroy @jks
        EXEC @hr = sp_OADestroy @troots
        EXEC @hr = sp_OADestroy @sbDn
        EXEC @hr = sp_OADestroy @sbAlias
        RETURN
      END

    -- Save the JKS.
    EXEC sp_OAMethod @jks, 'ToFile', @success OUT, 'myPassword', 'qa_data/jks/entrust_caCerts.jks'
    IF @success <> 1
      BEGIN
        EXEC sp_OAGetProperty @jks, 'LastErrorText', @sTmp0 OUT
        PRINT @sTmp0
        EXEC @hr = sp_OADestroy @jks
        EXEC @hr = sp_OADestroy @troots
        EXEC @hr = sp_OADestroy @sbDn
        EXEC @hr = sp_OADestroy @sbAlias
        RETURN
      END


    PRINT 'Success.'

    -- The output of this program when tested was:

    -- C=US, O=Entrust.net, OU=www.entrust.net/CPS incorp. by ref. (limits liab.), OU=(c) 1999 Entrust.net Limited, CN=Entrust.net Secure Server Certification Authority
    -- O=Entrust.net, OU=www.entrust.net/CPS_2048 incorp. by ref. (limits liab.), OU=(c) 1999 Entrust.net Limited, CN=Entrust.net Certification Authority (2048)
    -- C=US, O="Entrust, Inc.", OU=www.entrust.net/CPS is incorporated by reference, OU="(c) 2006 Entrust, Inc.", CN=Entrust Root Certification Authority
    -- NumTrustedCerts = 3
    -- Success.

    EXEC @hr = sp_OADestroy @jks
    EXEC @hr = sp_OADestroy @troots
    EXEC @hr = sp_OADestroy @sbDn
    EXEC @hr = sp_OADestroy @sbAlias


END
GO