(Unicode C) Get the Certificate with Private Key from a Java KeyStore

See more Java KeyStore (JKS) Examples

Note: This example requires Chilkat v11.0.0 or greater.

Chilkat C/C++ Library Downloads
MS Visual C/C++ C++ Builder Linux C/C++ Alpine Linux C/C++	MacOS C/C++ iOS C/C++ Android C/C++ MinGW C/C++

#include <C_CkJavaKeyStoreW.h>
#include <C_CkCertChainW.h>
#include <C_CkCertW.h>
#include <C_CkCrypt2W.h>

void ChilkatSample(void)
    {
    BOOL success;
    HCkJavaKeyStoreW jks;
    const wchar_t *password;
    HCkCertChainW chain;
    HCkCertW cert;
    HCkCrypt2W crypt;

    success = FALSE;

    // This example requires the Chilkat API to have been previously unlocked.
    // See Global Unlock Sample for sample code.

    // Most of the time a .jks contains one certificate with it's associated private key.
    // (Similar to how a .pfx/.p12 usually contains a particular certificate with private key.)
    // This example demonstrates how to get the certificate with private key such that it can be used
    // by other Chilkat classes wherever a cert w/ private key is needed.
    jks = CkJavaKeyStoreW_Create();
    password = L"secret";
    success = CkJavaKeyStoreW_LoadFile(jks,password,L"qa_data/jks/test_secret.jks");
    if (success == FALSE) {
        wprintf(L"%s\n",CkJavaKeyStoreW_lastErrorText(jks));
        CkJavaKeyStoreW_Dispose(jks);
        return;
    }

    // Make sure we have a private key.
    if (CkJavaKeyStoreW_getNumPrivateKeys(jks) < 1) {
        wprintf(L"No private key available.\n");
        CkJavaKeyStoreW_Dispose(jks);
        return;
    }

    // -------------------------------------------------------------------------
    // Get the certificate chain associated with the 1st (and probably only) private key in the JKS.

    chain = CkCertChainW_Create();
    success = CkJavaKeyStoreW_CertChainAt(jks,0,chain);
    if (success == FALSE) {
        wprintf(L"%s\n",CkJavaKeyStoreW_lastErrorText(jks));
        CkJavaKeyStoreW_Dispose(jks);
        CkCertChainW_Dispose(chain);
        return;
    }

    cert = CkCertW_Create();
    success = CkCertChainW_CertAt(chain,0,cert);
    if (success == FALSE) {
        wprintf(L"%s\n",CkCertChainW_lastErrorText(chain));
        CkJavaKeyStoreW_Dispose(jks);
        CkCertChainW_Dispose(chain);
        CkCertW_Dispose(cert);
        return;
    }

    // Verify again that this cert has a private key.
    if (CkCertW_HasPrivateKey(cert) != TRUE) {
        wprintf(L"Certificate has no associated private key.\n");
        CkJavaKeyStoreW_Dispose(jks);
        CkCertChainW_Dispose(chain);
        CkCertW_Dispose(cert);
        return;
    }

    // We now have the cert object with it's associated private key, and it can be used in other Chilkat classes where needed.
    // For example..

    crypt = CkCrypt2W_Create();
    success = CkCrypt2W_SetSigningCert(crypt,cert);
    if (success == FALSE) {
        wprintf(L"%s\n",CkCrypt2W_lastErrorText(crypt));
        CkJavaKeyStoreW_Dispose(jks);
        CkCertChainW_Dispose(chain);
        CkCertW_Dispose(cert);
        CkCrypt2W_Dispose(crypt);
        return;
    }

    // ...
    // ...


    CkJavaKeyStoreW_Dispose(jks);
    CkCertChainW_Dispose(chain);
    CkCertW_Dispose(cert);
    CkCrypt2W_Dispose(crypt);

    }