Unicode C
Unicode C
Load Particular CA Certs into a Java KeyStore
See more Java KeyStore (JKS) Examples
Opens a PEM file containing many CA root certificates, and creates a Java keystore containing a subset of the certificates.Chilkat Unicode C Downloads
#include <C_CkJavaKeyStoreW.h>
#include <C_CkTrustedRootsW.h>
#include <C_CkStringBuilderW.h>
#include <C_CkCertW.h>
void ChilkatSample(void)
{
BOOL success;
HCkJavaKeyStoreW jks;
HCkTrustedRootsW troots;
HCkStringBuilderW sbDn;
HCkStringBuilderW sbAlias;
BOOL caseSensitive;
int i;
int numCerts;
int numAdded;
HCkCertW cacert;
int numJksCerts;
success = FALSE;
// This requires the Chilkat API to have been previously unlocked.
// See Global Unlock Sample for sample code.
jks = CkJavaKeyStoreW_Create();
troots = CkTrustedRootsW_Create();
// Load certificates from a file.
success = CkTrustedRootsW_LoadCaCertsPem(troots,L"qa_data/curl_cacert.pem");
if (success != TRUE) {
wprintf(L"%s\n",CkTrustedRootsW_lastErrorText(troots));
CkJavaKeyStoreW_Dispose(jks);
CkTrustedRootsW_Dispose(troots);
return;
}
sbDn = CkStringBuilderW_Create();
sbAlias = CkStringBuilderW_Create();
caseSensitive = FALSE;
i = 0;
numCerts = CkTrustedRootsW_getNumCerts(troots);
numAdded = 0;
while ((i < numCerts)) {
cacert = CkTrustedRootsW_GetCert(troots,i);
CkStringBuilderW_Clear(sbDn);
CkStringBuilderW_Append(sbDn,CkCertW_subjectDN(cacert));
if (CkStringBuilderW_Contains(sbDn,L"Entrust.net",caseSensitive) == TRUE) {
wprintf(L"%s\n",CkCertW_subjectDN(cacert));
// The alias is an arbitrary unique string for each cert in the JKS.
CkStringBuilderW_Clear(sbAlias);
CkStringBuilderW_Append(sbAlias,L"cacert_");
CkStringBuilderW_AppendInt(sbAlias,i + 1);
CkJavaKeyStoreW_AddTrustedCert(jks,cacert,CkStringBuilderW_getAsString(sbAlias));
numAdded = numAdded + 1;
}
CkCertW_Dispose(cacert);
i = i + 1;
}
// Verify the number of certs in the JKS equals the number we added.
numJksCerts = CkJavaKeyStoreW_getNumTrustedCerts(jks);
wprintf(L"NumTrustedCerts = %d\n",numJksCerts);
if (numJksCerts != numAdded) {
wprintf(L"Something is amiss!\n");
CkJavaKeyStoreW_Dispose(jks);
CkTrustedRootsW_Dispose(troots);
CkStringBuilderW_Dispose(sbDn);
CkStringBuilderW_Dispose(sbAlias);
return;
}
// Save the JKS.
success = CkJavaKeyStoreW_ToFile(jks,L"myPassword",L"qa_data/jks/entrust_caCerts.jks");
if (success != TRUE) {
wprintf(L"%s\n",CkJavaKeyStoreW_lastErrorText(jks));
CkJavaKeyStoreW_Dispose(jks);
CkTrustedRootsW_Dispose(troots);
CkStringBuilderW_Dispose(sbDn);
CkStringBuilderW_Dispose(sbAlias);
return;
}
wprintf(L"Success.\n");
// The output of this program when tested was:
// C=US, O=Entrust.net, OU=www.entrust.net/CPS incorp. by ref. (limits liab.), OU=(c) 1999 Entrust.net Limited, CN=Entrust.net Secure Server Certification Authority
// O=Entrust.net, OU=www.entrust.net/CPS_2048 incorp. by ref. (limits liab.), OU=(c) 1999 Entrust.net Limited, CN=Entrust.net Certification Authority (2048)
// C=US, O="Entrust, Inc.", OU=www.entrust.net/CPS is incorporated by reference, OU="(c) 2006 Entrust, Inc.", CN=Entrust Root Certification Authority
// NumTrustedCerts = 3
// Success.
CkJavaKeyStoreW_Dispose(jks);
CkTrustedRootsW_Dispose(troots);
CkStringBuilderW_Dispose(sbDn);
CkStringBuilderW_Dispose(sbAlias);
}