(C++) Get the Server Certificate, Certificate Chain, and Root CA Certificate

Demonstrates how to get the HTTP server certificate, its certificate chain, and the root CA certificate.

Note: This example requires Chilkat v11.0.0 or greater.

Chilkat C/C++ Library Downloads
MS Visual C/C++ C++ Builder Linux C/C++ Alpine Linux C/C++	MacOS C/C++ iOS C/C++ Android C/C++ MinGW C/C++

#include <CkHttp.h>
#include <CkCert.h>
#include <CkCertChain.h>

void ChilkatSample(void)
    {
    bool success = false;

    // This example assumes the Chilkat API to have been previously unlocked.
    // See Global Unlock Sample for sample code.

    CkHttp http;

    // We're getting the SSL/TLS certificate, so make sure to connect to the SSL/TLS port (443).
    CkCert sslCert;
    success = http.GetServerCert("apple.com",443,sslCert);
    if (success == false) {
        std::cout << http.lastErrorText() << "\r\n";
        return;
    }

    CkCertChain certChain;
    success = sslCert.BuildCertChain(certChain);
    if (success == false) {
        std::cout << sslCert.lastErrorText() << "\r\n";
        return;
    }

    CkCert cert;
    int i = 0;
    int numCerts = certChain.get_NumCerts();
    while (i < numCerts) {
        certChain.CertAt(i,cert);
        std::cout << "SubjectDN " << i << ": " << cert.subjectDN() << "\r\n";
        std::cout << "IssuerDN " << i << ": " << cert.issuerDN() << "\r\n";
        i = i + 1;
    }

    // If the certificate chain reaches the root CA cert, then the last cert in the chain
    // is the root CA cert.
    if (certChain.get_ReachesRoot() == true) {
        CkCert caCert;
        certChain.CertAt(numCerts - 1,caCert);
        std::cout << "CA Root Cert: " << caCert.subjectDN() << "\r\n";
    }
    }