DataFlex
DataFlex
Add Private Key to Java Keystore
See more Java KeyStore (JKS) Examples
Adds a private key to an existing Java keystore.Chilkat DataFlex Downloads
Use ChilkatAx-win32.pkg
Procedure Test
Boolean iSuccess
Handle hoJks
String sJksPassword
String sJksPath
Variant vCert
Handle hoCert
Variant vCertVault
Handle hoCertVault
Variant vPrivKey
Handle hoPrivKey
String sAlias
Variant vPfx
Handle hoPfx
String sTemp1
Move False To iSuccess
// This requires the Chilkat API to have been previously unlocked.
// See Global Unlock Sample for sample code.
Get Create (RefClass(cComChilkatJavaKeyStore)) To hoJks
If (Not(IsComObjectCreated(hoJks))) Begin
Send CreateComObject of hoJks
End
Move "myJksPassword" To sJksPassword
Move "/someDir/keyStore.jks" To sJksPath
// Load the Java keystore from a file.
Get ComLoadFile Of hoJks sJksPassword sJksPath To iSuccess
If (iSuccess <> True) Begin
Get ComLastErrorText Of hoJks To sTemp1
Showln sTemp1
Procedure_Return
End
// A JKS private key entry consists of both the private key,
// it's associated certificate (which contains the matching public key
// within the X.509 of the certificate), and the certificates in the
// chain of authentication to the root.
//
// Therefore, to add a private key entry to a JKS requires
// a Chilkat certificate object that has a private key and which also
// has the certificate chain (up to the root) available.
// There are many ways to get a Chilkat certificate object
// that contains (within it) the private key and the certificate chain
// This example will show two possibilities:
// (1) Where the cert and issuing root are provided in PEM format in .crt files,
// and the private key is also provided in unencrypted PEM format (.key file).
// (2) Where the cert, private key, and issuing root are provided in a single PFX.
// First for the .crt / .key files:
Get Create (RefClass(cComChilkatCert)) To hoCert
If (Not(IsComObjectCreated(hoCert))) Begin
Send CreateComObject of hoCert
End
// Chilkat will automatically determine the format of the cert file and load it correctly.
Get ComLoadFromFile Of hoCert "/mycerts/alice.crt" To iSuccess
If (iSuccess <> True) Begin
Get ComLastErrorText Of hoCert To sTemp1
Showln sTemp1
Procedure_Return
End
// Certificates required for building the chain of authentication can be
// added to an XML certificate vault object, and then provided as
// a source for obtaining certs when building the chain.
Get Create (RefClass(cComChilkatXmlCertVault)) To hoCertVault
If (Not(IsComObjectCreated(hoCertVault))) Begin
Send CreateComObject of hoCertVault
End
Get ComAddCertFile Of hoCertVault "/mycerts/ca.crt" To iSuccess
If (iSuccess <> True) Begin
Get ComLastErrorText Of hoCertVault To sTemp1
Showln sTemp1
Procedure_Return
End
Get pvComObject of hoCertVault to vCertVault
Get ComUseCertVault Of hoCert vCertVault To iSuccess
If (iSuccess <> True) Begin
Get ComLastErrorText Of hoCert To sTemp1
Showln sTemp1
Procedure_Return
End
// Now provide the associated private key to the certificate object.
// The Chilkat private key class provides methods for loading from many formats (both
// encrypted and unencrypted).
Get Create (RefClass(cComChilkatPrivateKey)) To hoPrivKey
If (Not(IsComObjectCreated(hoPrivKey))) Begin
Send CreateComObject of hoPrivKey
End
Get ComLoadPemFile Of hoPrivKey "/mycerts/alice.key" To iSuccess
If (iSuccess <> True) Begin
Get ComLastErrorText Of hoPrivKey To sTemp1
Showln sTemp1
Procedure_Return
End
// Provide the certificate object with the private key:
Get pvComObject of hoPrivKey to vPrivKey
Get ComSetPrivateKey Of hoCert vPrivKey To iSuccess
If (iSuccess <> True) Begin
Get ComLastErrorText Of hoCert To sTemp1
Showln sTemp1
Procedure_Return
End
// Our certificate object now contains all that we need to add it as a private key entry
// to the Java keystore:
Move "alice" To sAlias
Get pvComObject of hoCert to vCert
Get ComAddPrivateKey Of hoJks vCert sAlias sJksPassword To iSuccess
If (iSuccess <> True) Begin
Get ComLastErrorText Of hoJks To sTemp1
Showln sTemp1
Procedure_Return
End
// Write the updated JKS, which contains the new private key entry w/ certificate chain.
Get ComToFile Of hoJks sJksPassword sJksPath To iSuccess
If (iSuccess <> True) Begin
Get ComLastErrorText Of hoJks To sTemp1
Showln sTemp1
Procedure_Return
End
Showln "Added new private key entry (from .crt and .key files) to the JKS!"
// Now let's add a new private key entry from a PFX that contains a single
// private key with associated cert and cert chain.
Get Create (RefClass(cComChilkatPfx)) To hoPfx
If (Not(IsComObjectCreated(hoPfx))) Begin
Send CreateComObject of hoPfx
End
Get ComLoadPfxFile Of hoPfx "/myPfxFiles/my.pfx" "pfxPassword" To iSuccess
If (iSuccess <> True) Begin
Get ComLastErrorText Of hoPfx To sTemp1
Showln sTemp1
Procedure_Return
End
// This is easy -- simply add the PFX to the JKS
Move "bob" To sAlias
Get pvComObject of hoPfx to vPfx
Get ComAddPfx Of hoJks vPfx sAlias sJksPassword To iSuccess
If (iSuccess <> True) Begin
Get ComLastErrorText Of hoJks To sTemp1
Showln sTemp1
Procedure_Return
End
// Write the updated JKS, which contains the new private key entry w/ certificate chain
// that came from the PFX.
Get ComToFile Of hoJks sJksPassword sJksPath To iSuccess
If (iSuccess <> True) Begin
Get ComLastErrorText Of hoJks To sTemp1
Showln sTemp1
Procedure_Return
End
Showln "Added new private key entry (from PFX) to the JKS!"
End_Procedure