(Classic ASP) Get the Server Certificate, Certificate Chain, and Root CA Certificate

Demonstrates how to get the HTTP server certificate, its certificate chain, and the root CA certificate.

Note: This example requires Chilkat v11.0.0 or greater.

Chilkat ActiveX Downloads ActiveX for 32-bit and 64-bit Windows

<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
</head>
<body>
<%
success = 0

' This example assumes the Chilkat API to have been previously unlocked.
' See Global Unlock Sample for sample code.

set http = Server.CreateObject("Chilkat.Http")

' We're getting the SSL/TLS certificate, so make sure to connect to the SSL/TLS port (443).
set sslCert = Server.CreateObject("Chilkat.Cert")
success = http.GetServerCert("apple.com",443,sslCert)
If (success = 0) Then
    Response.Write "<pre>" & Server.HTMLEncode( http.LastErrorText) & "</pre>"
    Response.End
End If

set certChain = Server.CreateObject("Chilkat.CertChain")
success = sslCert.BuildCertChain(certChain)
If (success = 0) Then
    Response.Write "<pre>" & Server.HTMLEncode( sslCert.LastErrorText) & "</pre>"
    Response.End
End If

set cert = Server.CreateObject("Chilkat.Cert")
i = 0
numCerts = certChain.NumCerts
Do While i < numCerts
    success = certChain.CertAt(i,cert)
    Response.Write "<pre>" & Server.HTMLEncode( "SubjectDN " & i & ": " & cert.SubjectDN) & "</pre>"
    Response.Write "<pre>" & Server.HTMLEncode( "IssuerDN " & i & ": " & cert.IssuerDN) & "</pre>"
    i = i + 1
Loop

' If the certificate chain reaches the root CA cert, then the last cert in the chain
' is the root CA cert.
If (certChain.ReachesRoot = 1) Then
    set caCert = Server.CreateObject("Chilkat.Cert")
    success = certChain.CertAt(numCerts - 1,caCert)
    Response.Write "<pre>" & Server.HTMLEncode( "CA Root Cert: " & caCert.SubjectDN) & "</pre>"
End If


%>
</body>
</html>