Sample code for 30+ languages & platforms
Tcl

Get the Certificate with Private Key from a Java KeyStore

See more Java KeyStore (JKS) Examples

Load a Chilkat certificate object from a Java KeyStore.

Chilkat Tcl Downloads

Tcl

load ./chilkat.dll

set success 0

# This example requires the Chilkat API to have been previously unlocked.
# See Global Unlock Sample for sample code.

# Most of the time a .jks contains one certificate with it's associated private key.
# (Similar to how a .pfx/.p12 usually contains a particular certificate with private key.)
# This example demonstrates how to get the certificate with private key such that it can be used
# by other Chilkat classes wherever a cert w/ private key is needed.
set jks [new_CkJavaKeyStore]

set password "secret"
set success [CkJavaKeyStore_LoadFile $jks $password "qa_data/jks/test_secret.jks"]
if {$success == 0} then {
    puts [CkJavaKeyStore_lastErrorText $jks]
    delete_CkJavaKeyStore $jks
    exit
}

# Make sure we have a private key.
if {[CkJavaKeyStore_get_NumPrivateKeys $jks] < 1} then {
    puts "No private key available."
    delete_CkJavaKeyStore $jks
    exit
}

# -------------------------------------------------------------------------
# Get the certificate chain associated with the 1st (and probably only) private key in the JKS.

set chain [new_CkCertChain]

set success [CkJavaKeyStore_CertChainAt $jks 0 $chain]
if {$success == 0} then {
    puts [CkJavaKeyStore_lastErrorText $jks]
    delete_CkJavaKeyStore $jks
    delete_CkCertChain $chain
    exit
}

set cert [new_CkCert]

set success [CkCertChain_CertAt $chain 0 $cert]
if {$success == 0} then {
    puts [CkCertChain_lastErrorText $chain]
    delete_CkJavaKeyStore $jks
    delete_CkCertChain $chain
    delete_CkCert $cert
    exit
}

# Verify again that this cert has a private key.
if {[CkCert_HasPrivateKey $cert] != 1} then {
    puts "Certificate has no associated private key."
    delete_CkJavaKeyStore $jks
    delete_CkCertChain $chain
    delete_CkCert $cert
    exit
}

# We now have the cert object with it's associated private key, and it can be used in other Chilkat classes where needed.
# For example..

set crypt [new_CkCrypt2]

set success [CkCrypt2_SetSigningCert $crypt $cert]
if {$success == 0} then {
    puts [CkCrypt2_lastErrorText $crypt]
    delete_CkJavaKeyStore $jks
    delete_CkCertChain $chain
    delete_CkCert $cert
    delete_CkCrypt2 $crypt
    exit
}

# ...
# ...

delete_CkJavaKeyStore $jks
delete_CkCertChain $chain
delete_CkCert $cert
delete_CkCrypt2 $crypt