Sample code for 30+ languages & platforms
Delphi DLL

Using WS_FTP Self-signed Certificate file (.crt) and Private Key File. (.key)

See more FTP Examples

Demonstrates how to use a self-signed certificate created by WS_FTP with Chilkat FTP2.

Note: It is usually not necessary for the FTP client to use a client-side certificate. Most FTP servers using SSL and TLS connections (explicit or implicit) do not require client-side certs. In addition, some high-security FTP servers require "real" certificates -- meaning certificates issued by a real certificate authority with a chain of authentication that leads to a trusted root certificate. The certificates created by WS_FTP are self-signed and untrusted.

Chilkat Delphi DLL Downloads

Delphi DLL
uses
    Winapi.Windows, Winapi.Messages, System.SysUtils, System.Variants, System.Classes, Vcl.Graphics,
    Vcl.Controls, Vcl.Forms, Vcl.Dialogs, Vcl.StdCtrls, Cert, Ftp2, CertStore, JsonObject;

...

procedure TForm1.Button1Click(Sender: TObject);
var
success: Boolean;
ftp: HCkFtp2;
certStore: HCkCertStore;
jsonCN: HCkJsonObject;
cert: HCkCert;

begin
success := False;

// This example requires the Chilkat API to have been previously unlocked.
// See Global Unlock Sample for sample code.

// Important:  Before running this program, convert your
// .crt and .key files to a .p12 using OpenSSL:
// The command is this:
// openssl pkcs12 -export -in test.crt -inkey test.key -out test.p12
// 

ftp := CkFtp2_Create();

CkFtp2_putHostname(ftp,'ftp.example.com');
CkFtp2_putPort(ftp,21);
CkFtp2_putUsername(ftp,'testLogin');
CkFtp2_putPassword(ftp,'testPassword');

// This example will use explict TLS/SSL.
// Establish an explicit secure channel after connection
// on the standard FTP port 21.
CkFtp2_putAuthTls(ftp,True);

// The Ssl property is for establishing an implicit SSL connection
// on port 990.  Because this example uses explicit SSL, it 
// should remain False.
CkFtp2_putSsl(ftp,False);

// Create an instance of a certificate store object, load a .p12 file,
// locate the certificate we need, and use it for signing.
// (a P12/PFX file may contain more than one certificate.)
certStore := CkCertStore_Create();
// The 1st argument is the filename, the 2nd arg is the 
// .p12 file's password.  (OpenSSL will prompty you to set a password
// when converting the .crt and .key into a .p12).
success := CkCertStore_LoadPfxFile(certStore,'test.p12','secret');
if (success <> True) then
  begin
    Memo1.Lines.Add(CkCertStore__lastErrorText(certStore));
    Exit;
  end;

jsonCN := CkJsonObject_Create();
CkJsonObject_UpdateString(jsonCN,'CN','cert common name');

cert := CkCert_Create();
success := CkCertStore_FindCert(certStore,jsonCN,cert);
if (success = False) then
  begin
    Memo1.Lines.Add(CkCertStore__lastErrorText(certStore));
    Exit;
  end;

success := CkFtp2_SetSslClientCert(ftp,cert);

// Connect and login to the FTP server.
success := CkFtp2_Connect(ftp);
if (success <> True) then
  begin
    Memo1.Lines.Add(CkFtp2__lastErrorText(ftp));
    Exit;
  end
else
  begin
    // LastErrorText contains information even when
    // successful. This allows you to visually verify
    // that the secure connection actually occurred.
    Memo1.Lines.Add(CkFtp2__lastErrorText(ftp));
  end;

Memo1.Lines.Add('Secure FTP Channel Established!');
Memo1.Lines.Add(CkFtp2__lastErrorText(ftp));

// Do whatever you're doing to do ...
// upload files, download files, etc...

// ...
// ...

success := CkFtp2_Disconnect(ftp);

CkFtp2_Dispose(ftp);
CkCertStore_Dispose(certStore);
CkJsonObject_Dispose(jsonCN);
CkCert_Dispose(cert);

end;