Unicode C
Unicode C
Download and Trust the DigiCert Global Root CA
See more Certificates Examples
Demonstrates how to download a root certificate and trust it.Chilkat Unicode C Downloads
#include <C_CkHttpW.h>
#include <C_CkBinDataW.h>
#include <C_CkCertW.h>
#include <C_CkTrustedRootsW.h>
void ChilkatSample(void)
{
BOOL success;
const wchar_t *certUrl;
HCkHttpW http;
HCkBinDataW bdCert;
HCkCertW cert;
const wchar_t *certPath;
HCkTrustedRootsW troots;
success = FALSE;
// This requires the Chilkat API to have been previously unlocked.
// See Global Unlock Sample for sample code.
// In this example, the URLs for the DigiCert root CA certs are available at this web page:
// https://www.digicert.com/digicert-root-certificates.htm
// This example downloads the "DigiCert Global Root G3"
// Valid until: 15/Jan/2038
// Serial #: 05:55:56:BC:F2:5E:A4:35:35:C3:A4:0F:D5:AB:45:72
// Thumbprint: 7E04DE896A3E666D00E687D33FFAD93BE83D349E
certUrl = L"https://dl.cacerts.digicert.com/DigiCertGlobalRootG3.crt";
http = CkHttpW_Create();
bdCert = CkBinDataW_Create();
success = CkHttpW_DownloadBd(http,certUrl,bdCert);
if (success == FALSE) {
wprintf(L"%s\n",CkHttpW_lastErrorText(http));
CkHttpW_Dispose(http);
CkBinDataW_Dispose(bdCert);
return;
}
// Load it into a Chilkat cert object.
cert = CkCertW_Create();
success = CkCertW_LoadFromBd(cert,bdCert);
if (success == FALSE) {
wprintf(L"%s\n",CkCertW_lastErrorText(cert));
CkHttpW_Dispose(http);
CkBinDataW_Dispose(bdCert);
CkCertW_Dispose(cert);
return;
}
// Examine the common name,serial, and thumbprint:
wprintf(L"CN: %s\n",CkCertW_subjectCN(cert));
wprintf(L"Serial: %s\n",CkCertW_serialNumber(cert));
wprintf(L"Thumbprint: %s\n",CkCertW_sha1Thumbprint(cert));
// Output from the above:
// CN: DigiCert Global Root G3
// Serial: 055556BCF25EA43535C3A40FD5AB4572
// Thumbprint: 7E04DE896A3E666D00E687D33FFAD93BE83D349E
// If desired, the certificate can be saved to a local file so it does not need
// to be downloaded from the website every time.
certPath = L"qa_data/certs/DigiCertGlobalRootG3.crt";
success = CkBinDataW_WriteFile(bdCert,certPath);
// To load the cert from a file...
success = CkCertW_LoadFromFile(cert,certPath);
// Do the following to add the cert to the collection of trusted roots
// for this application. (Note: The trust is not persisted. Each time the
// application runs, it should load the cert (from whatever source, whether it is
// a file, a database,etc.) and do the following:
troots = CkTrustedRootsW_Create();
CkTrustedRootsW_AddCert(troots,cert);
CkTrustedRootsW_Activate(troots);
wprintf(L"%s is now trusted for this run of this application.\n",CkCertW_subjectCN(cert));
CkHttpW_Dispose(http);
CkBinDataW_Dispose(bdCert);
CkCertW_Dispose(cert);
CkTrustedRootsW_Dispose(troots);
}