Java
Java
Load Certs from Java KeyStore into Trusted CA Roots
See more Java KeyStore (JKS) Examples
Demonstrates how to load a Java KeyStore containing CA root certificates that are to be trusted by the application. This can be done once at the beginning of an application, and then the trusted roots can be activated so that only these root CA certs are trusted by the application for any TLS connections.Chilkat Java Downloads
import com.chilkatsoft.*;
public class ChilkatExample {
static {
try {
System.loadLibrary("chilkat");
} catch (UnsatisfiedLinkError e) {
System.err.println("Native code library failed to load.\n" + e);
System.exit(1);
}
}
public static void main(String argv[])
{
boolean success = false;
// This requires the Chilkat API to have been previously unlocked.
// See Global Unlock Sample for sample code.
CkJavaKeyStore jks = new CkJavaKeyStore();
jks.put_VerboseLogging(true);
String password = "myPassword";
success = jks.LoadFile(password,"qa_data/jks/entrust_caCerts.jks");
if (success != true) {
System.out.println(jks.lastErrorText());
return;
}
CkTrustedRoots troots = new CkTrustedRoots();
troots.put_VerboseLogging(true);
success = troots.AddJavaKeyStore(jks);
if (success != true) {
System.out.println(troots.lastErrorText());
return;
}
int i = 0;
int numCerts = troots.get_NumCerts();
while ((i < numCerts)) {
CkCert cacert = troots.GetCert(i);
System.out.println(i + ": " + cacert.subjectDN());
i = i+1;
}
// Activate this specific set of trusted roots.
success = troots.Activate();
if (success != true) {
System.out.println(troots.lastErrorText());
return;
}
// Output:
// 0: C=US, O=Entrust.net, OU=www.entrust.net/CPS incorp. by ref. (limits liab.), OU=(c) 1999 Entrust.net Limited, CN=Entrust.net Secure Server Certification Authority
// 1: O=Entrust.net, OU=www.entrust.net/CPS_2048 incorp. by ref. (limits liab.), OU=(c) 1999 Entrust.net Limited, CN=Entrust.net Certification Authority (2048)
// 2: C=US, O="Entrust, Inc.", OU=www.entrust.net/CPS is incorporated by reference, OU="(c) 2006 Entrust, Inc.", CN=Entrust Root Certification Authority
}
}