Sample code for 30+ languages & platforms
C

Require SSL Server Certificate Domain Match

See more HTTP Examples

Demonstrates how to require that the SSL server certificate's domain matches the intended domain.

Chilkat C Downloads

C
#include <C_CkHttp.h>

void ChilkatSample(void)
    {
    BOOL success;
    HCkHttp http;
    const char *html;

    success = FALSE;

    // This example assumes the Chilkat API to have been previously unlocked.
    // See Global Unlock Sample for sample code.

    http = CkHttp_Create();

    // Call SetSslCertRequirement to require that the SSL server certificate's domain
    // matches only the domain we are intending to communicate with.

    // In this example we will test with the URL https://wrong.host.badssl.com/
    // which intentionally has an SSL certificate that does not match "wrong.host.badssl.com"

    CkHttp_SetSslCertRequirement(http,"SAN","wrong.host.badssl.com");

    // Also validate the server cert..
    CkHttp_putRequireSslCertVerify(http,TRUE);

    // Try sending the request.  It should fail within the SSL/TLS handshake
    // because the server's certificate does not match the domain "wrong.host.badssl.com"
    html = CkHttp_quickGetStr(http,"https://wrong.host.badssl.com/");
    if (CkHttp_getLastMethodSuccess(http) == FALSE) {
        printf("%s\n",CkHttp_lastErrorText(http));
    }
    else {
        printf("Unexpected success.\n");
    }



    CkHttp_Dispose(http);

    }