C
C
Secure FTP with Client Certificate
See more FTP Examples
Chilkat FTP2 provides the ability to use a client certificate with secure FTP (implicit or explicit SSL/TLS). This example demonstrates how to load a certificate from a .pfx and use it as the client-side SSL cert. Note: Client-side certificates are only needed in situations where the server demands one.Chilkat C Downloads
#include <C_CkFtp2.h>
#include <C_CkCertStore.h>
#include <C_CkJsonObject.h>
#include <C_CkCert.h>
void ChilkatSample(void)
{
BOOL success;
HCkFtp2 ftp;
HCkCertStore certStore;
const char *password;
HCkJsonObject jsonCN;
HCkCert cert;
success = FALSE;
// This example requires the Chilkat API to have been previously unlocked.
// See Global Unlock Sample for sample code.
ftp = CkFtp2_Create();
CkFtp2_putHostname(ftp,"ftp.example.com");
CkFtp2_putPort(ftp,21);
CkFtp2_putUsername(ftp,"test");
CkFtp2_putPassword(ftp,"test");
// This example will use explict TLS/SSL.
// Establish an explicit secure channel after connection
// on the standard FTP port 21.
CkFtp2_putAuthTls(ftp,TRUE);
// The Ssl property is for establishing an implicit SSL connection
// on port 990. Because this example uses explicit SSL, it
// should remain FALSE.
CkFtp2_putSsl(ftp,FALSE);
// Load a certificate from a .pfx
// A PFX may contain several certs, including the certificates
// in a chain of authority.
certStore = CkCertStore_Create();
password = "***";
// Load the certs from a PFX into an in-memory certificate store:
success = CkCertStore_LoadPfxFile(certStore,"chilkat.pfx",password);
if (success != TRUE) {
printf("%s\n",CkCertStore_lastErrorText(certStore));
CkFtp2_Dispose(ftp);
CkCertStore_Dispose(certStore);
return;
}
// Find the desired certificate.
jsonCN = CkJsonObject_Create();
CkJsonObject_UpdateString(jsonCN,"CN","cert common name");
cert = CkCert_Create();
success = CkCertStore_FindCert(certStore,jsonCN,cert);
if (success == FALSE) {
printf("Certificate not found!\n");
CkFtp2_Dispose(ftp);
CkCertStore_Dispose(certStore);
CkJsonObject_Dispose(jsonCN);
CkCert_Dispose(cert);
return;
}
// Use this certificate for our secure (SSL/TLS) connection:
success = CkFtp2_SetSslClientCert(ftp,cert);
// Connect and login to the FTP server. The connection is
// made secure because of the AuthTls setting.
success = CkFtp2_Connect(ftp);
if (success != TRUE) {
printf("%s\n",CkFtp2_lastErrorText(ftp));
CkFtp2_Dispose(ftp);
CkCertStore_Dispose(certStore);
CkJsonObject_Dispose(jsonCN);
CkCert_Dispose(cert);
return;
}
else {
// LastErrorText contains information even when
// successful. This allows you to visually verify
// that the secure connection actually occurred.
printf("%s\n",CkFtp2_lastErrorText(ftp));
}
printf("Secure FTP Channel Established!\n");
// Do whatever you're doing to do ...
// upload files, download files, etc...
// .....
// .....
success = CkFtp2_Disconnect(ftp);
CkFtp2_Dispose(ftp);
CkCertStore_Dispose(certStore);
CkJsonObject_Dispose(jsonCN);
CkCert_Dispose(cert);
}