Sample code for 30+ languages & platforms
DataFlex

Require SSL Server Certificate Domain Match

See more HTTP Examples

Demonstrates how to require that the SSL server certificate's domain matches the intended domain.

Chilkat DataFlex Downloads

DataFlex
Use ChilkatAx-win32.pkg

Procedure Test
    Boolean iSuccess
    Handle hoHttp
    String sHtml
    String sTemp1
    Boolean bTemp1

    Move False To iSuccess

    // This example assumes the Chilkat API to have been previously unlocked.
    // See Global Unlock Sample for sample code.

    Get Create (RefClass(cComChilkatHttp)) To hoHttp
    If (Not(IsComObjectCreated(hoHttp))) Begin
        Send CreateComObject of hoHttp
    End

    // Call SetSslCertRequirement to require that the SSL server certificate's domain
    // matches only the domain we are intending to communicate with.

    // In this example we will test with the URL https://wrong.host.badssl.com/
    // which intentionally has an SSL certificate that does not match "wrong.host.badssl.com"

    Send ComSetSslCertRequirement To hoHttp "SAN" "wrong.host.badssl.com"

    // Also validate the server cert..
    Set ComRequireSslCertVerify Of hoHttp To True

    // Try sending the request.  It should fail within the SSL/TLS handshake
    // because the server's certificate does not match the domain "wrong.host.badssl.com"
    Get ComQuickGetStr Of hoHttp "https://wrong.host.badssl.com/" To sHtml
    Get ComLastMethodSuccess Of hoHttp To bTemp1
    If (bTemp1 = False) Begin
        Get ComLastErrorText Of hoHttp To sTemp1
        Showln sTemp1
    End
    Else Begin
        Showln "Unexpected success."
    End



End_Procedure