Sample code for 30+ languages & platforms
Unicode C

Use a Custom Set of Trusted Root Certificates

See more Certificates Examples

Demonstrates how to build a set of trusted root certificates to be used globally by all Chilkat classes.

Chilkat Unicode C Downloads

Unicode C
#include <C_CkTrustedRootsW.h>
#include <C_CkZipW.h>
#include <C_CkZipEntryW.h>
#include <C_CkCertW.h>

void ChilkatSample(void)
    {
    BOOL success;
    HCkTrustedRootsW trustedRoots;
    HCkZipW zip;
    HCkZipEntryW entry;
    const wchar_t *pemStr;
    HCkCertW cert;
    const wchar_t *pattern;
    BOOL bHasMoreEntries;

    success = FALSE;

    // This example requires the Chilkat API to have been previously unlocked.
    // See Global Unlock Sample for sample code.

    trustedRoots = CkTrustedRootsW_Create();

    //  Indicate that we will NOT trust any pre-installed certificates on the system.
    CkTrustedRootsW_putTrustSystemCaRoots(trustedRoots,FALSE);

    // Thawte is a certificate authority that provides a .zip download of their
    // root CA certificates:  https://www.thawte.com/roots/index.html
    // The direct download link is: https://www.verisign.com/support/thawte-roots.zip
    // Note: The above URLs are valid at the time of writing this example (29-May-2015).

    // Assuming the .zip has already been downloaded, open it and load each .pem file into
    // our trusted roots object.
    zip = CkZipW_Create();

    // Open a .zip containing PEM files, among other things..
    success = CkZipW_OpenZip(zip,L"qa_data/certs/thawte-roots.zip");
    if (success == FALSE) {
        wprintf(L"%s\n",CkZipW_lastErrorText(zip));
        CkTrustedRootsW_Dispose(trustedRoots);
        CkZipW_Dispose(zip);
        return;
    }

    entry = CkZipEntryW_Create();

    cert = CkCertW_Create();

    pattern = L"*.pem";
    bHasMoreEntries = CkZipW_EntryMatching(zip,pattern,entry);
    while (bHasMoreEntries == TRUE) {

        wprintf(L"Entry: %s\n",CkZipEntryW_fileName(entry));

        // Get the PEM of the CA cert:
        pemStr = CkZipEntryW_unzipToString(entry,0,L"utf-8");

        // Load it into a certificate object:
        success = CkCertW_LoadPem(cert,pemStr);
        if (success != TRUE) {
            wprintf(L"%s\n",CkCertW_lastErrorText(cert));
        }

        // Add it to the trusted roots.
        CkTrustedRootsW_AddCert(trustedRoots,cert);

        bHasMoreEntries = CkZipEntryW_GetNextMatch(entry,pattern);
    }

    //  Activate the trusted roots globally for all Chilkat objects.
    //  This call really shouldn't fail, so we're not checking the return value.
    success = CkTrustedRootsW_Activate(trustedRoots);


    CkTrustedRootsW_Dispose(trustedRoots);
    CkZipW_Dispose(zip);
    CkZipEntryW_Dispose(entry);
    CkCertW_Dispose(cert);

    }