Question:
I'm using the C++ library version 9.5.0.40
I'm using the CkHttp component to send an http request using ssl connection. I set put_RequireSslCertVerify(true) to verify the server's certificates against root certificates contained in a PKCS12 truststore. The truststore seems to be valid since other applications are using it (google chrome, IE, and others). However CkCertStore doesn't load the file. The code i use to load the truststore is the following :
CkCert* cert = NULL;
CkCertStore store;
CkTrustedRoots trustedRoots;
if(store.LoadPfxFile(trustestore, password))
{
int count = store.get_NumCertificates();
for(int i = 0; i < count; ++i)
{
cert = store.GetCertificate(i);
if(cert)
{
trustedRoots.AddCert(*cert);
delete cert;
}
}
if(trustedRoots.Activate())
{
sucess = true;
}
}
The password is valid and the error i get is the following :
ChilkatLog: LoadPfxFile: DllDate: Jul 15 2014 ChilkatVersion: 9.5.0.41 UnlockPrefix: NONE Username: POSTE1392:Laval Architecture: Little Endian; 32-bit Language: Visual C++ 11.0 (32-bit) VerboseLogging: 0 pfxPath: C:Temptruststore.p12 importPfxData: pkcs12_loadAndParseDer: loadAndParseDerInner: verifyHmacIntegrity: saltNumBytes: 8 saltBase64: sweGnMHf0hY= numIterations: 2048 macHashOid: 1.3.14.3.2.26 macStoredDigest: CB07 D527 E6BB 535F DF3D 9E5D A33B 29DC BD7B 0221 Failed to verify PFX HMAC with password. computedDigest: A312 79A6 45D9 7DF4 042A 6460 8B49 AF85 6C86 31F6 --verifyHmacIntegrity PFX/PKCS12 integrity verification failed. --loadAndParseDerInner --pkcs12_loadAndParseDer --importPfxData Failed. --LoadPfxFile --ChilkatLog
Regards