DataFlex
DataFlex
Examine SSL/TLS Server Certificate
See more Socket/SSL/TLS Examples
Demonstrates how an application can examine and check a server's SSL/TLS certificate.Chilkat DataFlex Downloads
Use ChilkatAx-win32.pkg
Procedure Test
Boolean iSuccess
Handle hoSocket
Boolean iUseTls
Integer iMaxWaitMs
Variant vCert
Handle hoCert
String sTemp1
Boolean bTemp1
Move False To iSuccess
// This example assumes the Chilkat API to have been previously unlocked.
// See Global Unlock Sample for sample code.
Get Create (RefClass(cComChilkatSocket)) To hoSocket
If (Not(IsComObjectCreated(hoSocket))) Begin
Send CreateComObject of hoSocket
End
// Connect to a server.
Move True To iUseTls
Move 2000 To iMaxWaitMs
Get ComConnect Of hoSocket "www.intel.com" 443 iUseTls iMaxWaitMs To iSuccess
If (iSuccess = False) Begin
Get ComLastErrorText Of hoSocket To sTemp1
Showln sTemp1
Procedure_Return
End
// If we get here, the TLS connection ws made..
// In any SSL/TLS handshake, the server sends its certificate in a TLS handshake message.
// Chilkat will keep it cached within the object that made the connection.
// Get the server's cert and examine a few things.
Get Create (RefClass(cComChilkatCert)) To hoCert
If (Not(IsComObjectCreated(hoCert))) Begin
Send CreateComObject of hoCert
End
Get pvComObject of hoCert to vCert
Get ComGetServerCert Of hoSocket vCert To iSuccess
Get ComSubjectDN Of hoCert To sTemp1
Showln "Distinguished Name: " sTemp1
Get ComSubjectCN Of hoCert To sTemp1
Showln "Common Name: " sTemp1
Get ComIssuerDN Of hoCert To sTemp1
Showln "Issuer Distinguished Name: " sTemp1
Get ComIssuerCN Of hoCert To sTemp1
Showln "Issuer Common Name: " sTemp1
Get ComExpired Of hoCert To bTemp1
Showln "Expired: " bTemp1
Get ComRevoked Of hoCert To bTemp1
Showln "Revoked: " bTemp1
Get ComSignatureVerified Of hoCert To bTemp1
Showln "Signature Verified: " bTemp1
Get ComTrustedRoot Of hoCert To bTemp1
Showln "Trusted Root: " bTemp1
// Sample output:
// Distinguished Name: C=US, ST=California, O=Intel Corporation, CN=*.intel.com
// Common Name: *.intel.com
// Issuer Distinguished Name: C=GB, ST=Greater Manchester, L=Salford, O=Sectigo Limited, CN=Sectigo RSA Organization Validation Secure Server CA
// Issuer Common Name: Sectigo RSA Organization Validation Secure Server CA
// Expired: False
// Revoked: False
// Signature Verified: True
// Trusted Root: True
End_Procedure