Java
Java
Load Particular CA Certs into a Java KeyStore
See more Java KeyStore (JKS) Examples
Opens a PEM file containing many CA root certificates, and creates a Java keystore containing a subset of the certificates.Chilkat Java Downloads
import com.chilkatsoft.*;
public class ChilkatExample {
static {
try {
System.loadLibrary("chilkat");
} catch (UnsatisfiedLinkError e) {
System.err.println("Native code library failed to load.\n" + e);
System.exit(1);
}
}
public static void main(String argv[])
{
boolean success = false;
// This requires the Chilkat API to have been previously unlocked.
// See Global Unlock Sample for sample code.
CkJavaKeyStore jks = new CkJavaKeyStore();
CkTrustedRoots troots = new CkTrustedRoots();
// Load certificates from a file.
success = troots.LoadCaCertsPem("qa_data/curl_cacert.pem");
if (success != true) {
System.out.println(troots.lastErrorText());
return;
}
CkStringBuilder sbDn = new CkStringBuilder();
CkStringBuilder sbAlias = new CkStringBuilder();
boolean caseSensitive = false;
int i = 0;
int numCerts = troots.get_NumCerts();
int numAdded = 0;
while ((i < numCerts)) {
CkCert cacert = troots.GetCert(i);
sbDn.Clear();
sbDn.Append(cacert.subjectDN());
if (sbDn.Contains("Entrust.net",caseSensitive) == true) {
System.out.println(cacert.subjectDN());
// The alias is an arbitrary unique string for each cert in the JKS.
sbAlias.Clear();
sbAlias.Append("cacert_");
sbAlias.AppendInt(i+1);
jks.AddTrustedCert(cacert,sbAlias.getAsString());
numAdded = numAdded+1;
}
i = i+1;
}
// Verify the number of certs in the JKS equals the number we added.
int numJksCerts = jks.get_NumTrustedCerts();
System.out.println("NumTrustedCerts = " + numJksCerts);
if (numJksCerts != numAdded) {
System.out.println("Something is amiss!");
return;
}
// Save the JKS.
success = jks.ToFile("myPassword","qa_data/jks/entrust_caCerts.jks");
if (success != true) {
System.out.println(jks.lastErrorText());
return;
}
System.out.println("Success.");
// The output of this program when tested was:
// C=US, O=Entrust.net, OU=www.entrust.net/CPS incorp. by ref. (limits liab.), OU=(c) 1999 Entrust.net Limited, CN=Entrust.net Secure Server Certification Authority
// O=Entrust.net, OU=www.entrust.net/CPS_2048 incorp. by ref. (limits liab.), OU=(c) 1999 Entrust.net Limited, CN=Entrust.net Certification Authority (2048)
// C=US, O="Entrust, Inc.", OU=www.entrust.net/CPS is incorporated by reference, OU="(c) 2006 Entrust, Inc.", CN=Entrust Root Certification Authority
// NumTrustedCerts = 3
// Success.
}
}