Sample code for 30+ languages & platforms
Delphi DLL

Download and Trust the DigiCert Global Root CA

See more Certificates Examples

Demonstrates how to download a root certificate and trust it.

Chilkat Delphi DLL Downloads

Delphi DLL
uses
    Winapi.Windows, Winapi.Messages, System.SysUtils, System.Variants, System.Classes, Vcl.Graphics,
    Vcl.Controls, Vcl.Forms, Vcl.Dialogs, Vcl.StdCtrls, Http, BinData, Cert, TrustedRoots;

...

procedure TForm1.Button1Click(Sender: TObject);
var
success: Boolean;
certUrl: PWideChar;
http: HCkHttp;
bdCert: HCkBinData;
cert: HCkCert;
certPath: PWideChar;
troots: HCkTrustedRoots;

begin
success := False;

// This requires the Chilkat API to have been previously unlocked.
// See Global Unlock Sample for sample code.

// In this example, the URLs for the DigiCert root CA certs are available at this web page:
// https://www.digicert.com/digicert-root-certificates.htm

// This example downloads the "DigiCert Global Root G3"
// Valid until: 15/Jan/2038
// Serial #: 05:55:56:BC:F2:5E:A4:35:35:C3:A4:0F:D5:AB:45:72
// Thumbprint: 7E04DE896A3E666D00E687D33FFAD93BE83D349E

certUrl := 'https://dl.cacerts.digicert.com/DigiCertGlobalRootG3.crt';

http := CkHttp_Create();
bdCert := CkBinData_Create();
success := CkHttp_DownloadBd(http,certUrl,bdCert);
if (success = False) then
  begin
    Memo1.Lines.Add(CkHttp__lastErrorText(http));
    Exit;
  end;

// Load it into a Chilkat cert object.
cert := CkCert_Create();
success := CkCert_LoadFromBd(cert,bdCert);
if (success = False) then
  begin
    Memo1.Lines.Add(CkCert__lastErrorText(cert));
    Exit;
  end;

// Examine the common name,serial, and thumbprint:
Memo1.Lines.Add('CN: ' + CkCert__subjectCN(cert));
Memo1.Lines.Add('Serial: ' + CkCert__serialNumber(cert));
Memo1.Lines.Add('Thumbprint: ' + CkCert__sha1Thumbprint(cert));

// Output from the above:
// CN: DigiCert Global Root G3
// Serial: 055556BCF25EA43535C3A40FD5AB4572
// Thumbprint: 7E04DE896A3E666D00E687D33FFAD93BE83D349E

// If desired, the certificate can be saved to a local file so it does not need
// to be downloaded from the website every time.  
certPath := 'qa_data/certs/DigiCertGlobalRootG3.crt';
success := CkBinData_WriteFile(bdCert,certPath);

// To load the cert from a file...
success := CkCert_LoadFromFile(cert,certPath);

// Do the following to add the cert to the collection of trusted roots
// for this application.  (Note:  The trust is not persisted.  Each time the
// application runs, it should load the cert (from whatever source, whether it is
// a file, a database,etc.) and do the following:
troots := CkTrustedRoots_Create();

CkTrustedRoots_AddCert(troots,cert);
CkTrustedRoots_Activate(troots);

Memo1.Lines.Add(CkCert__subjectCN(cert) + ' is now trusted for this run of this application.');

CkHttp_Dispose(http);
CkBinData_Dispose(bdCert);
CkCert_Dispose(cert);
CkTrustedRoots_Dispose(troots);

end;