Sample code for 30+ languages & platforms
C

Secure FTP with Client Certificate

See more FTP Examples

Chilkat FTP2 provides the ability to use a client certificate with secure FTP (implicit or explicit SSL/TLS). This example demonstrates how to load a certificate from a .pfx and use it as the client-side SSL cert. Note: Client-side certificates are only needed in situations where the server demands one.

Chilkat C Downloads

C
#include <C_CkFtp2.h>
#include <C_CkCertStore.h>
#include <C_CkJsonObject.h>
#include <C_CkCert.h>

void ChilkatSample(void)
    {
    BOOL success;
    HCkFtp2 ftp;
    HCkCertStore certStore;
    const char *password;
    HCkJsonObject jsonCN;
    HCkCert cert;

    success = FALSE;

    // This example requires the Chilkat API to have been previously unlocked.
    // See Global Unlock Sample for sample code.

    ftp = CkFtp2_Create();

    CkFtp2_putHostname(ftp,"ftp.example.com");
    CkFtp2_putPort(ftp,21);
    CkFtp2_putUsername(ftp,"test");
    CkFtp2_putPassword(ftp,"test");

    // This example will use explict TLS/SSL.
    // Establish an explicit secure channel after connection
    // on the standard FTP port 21.
    CkFtp2_putAuthTls(ftp,TRUE);

    // The Ssl property is for establishing an implicit SSL connection
    // on port 990.  Because this example uses explicit SSL, it 
    // should remain FALSE.
    CkFtp2_putSsl(ftp,FALSE);

    // Load a certificate from a .pfx
    // A PFX may contain several certs, including the certificates
    // in a chain of authority.
    certStore = CkCertStore_Create();

    password = "***";
    // Load the certs from a PFX into an in-memory certificate store:
    success = CkCertStore_LoadPfxFile(certStore,"chilkat.pfx",password);
    if (success != TRUE) {
        printf("%s\n",CkCertStore_lastErrorText(certStore));
        CkFtp2_Dispose(ftp);
        CkCertStore_Dispose(certStore);
        return;
    }

    // Find the desired certificate.
    jsonCN = CkJsonObject_Create();
    CkJsonObject_UpdateString(jsonCN,"CN","cert common name");

    cert = CkCert_Create();
    success = CkCertStore_FindCert(certStore,jsonCN,cert);
    if (success == FALSE) {
        printf("Certificate not found!\n");
        CkFtp2_Dispose(ftp);
        CkCertStore_Dispose(certStore);
        CkJsonObject_Dispose(jsonCN);
        CkCert_Dispose(cert);
        return;
    }

    // Use this certificate for our secure (SSL/TLS) connection:
    success = CkFtp2_SetSslClientCert(ftp,cert);

    // Connect and login to the FTP server.  The connection is 
    // made secure because of the AuthTls setting.
    success = CkFtp2_Connect(ftp);
    if (success != TRUE) {
        printf("%s\n",CkFtp2_lastErrorText(ftp));
        CkFtp2_Dispose(ftp);
        CkCertStore_Dispose(certStore);
        CkJsonObject_Dispose(jsonCN);
        CkCert_Dispose(cert);
        return;
    }
    else {
        // LastErrorText contains information even when
        // successful. This allows you to visually verify
        // that the secure connection actually occurred.
        printf("%s\n",CkFtp2_lastErrorText(ftp));
    }

    printf("Secure FTP Channel Established!\n");

    // Do whatever you're doing to do ...
    // upload files, download files, etc...

    // .....
    // .....

    success = CkFtp2_Disconnect(ftp);


    CkFtp2_Dispose(ftp);
    CkCertStore_Dispose(certStore);
    CkJsonObject_Dispose(jsonCN);
    CkCert_Dispose(cert);

    }