Sample code for 30+ languages & platforms
Objective-C

Verify SSL Server Certificate

See more Socket/SSL/TLS Examples

Demonstrates how to connect to an SSL server and verify its SSL certificate.

Chilkat Objective-C Downloads

Objective-C
#import <CkoSocket.h>
#import <NSString.h>
#import <CkoCert.h>

BOOL success = NO;

// This example requires the Chilkat API to have been previously unlocked.
// See Global Unlock Sample for sample code.

CkoSocket *socket = [[CkoSocket alloc] init];

BOOL ssl = YES;
int maxWaitMillisec = 20000;

// The SSL server hostname may be an IP address, a domain name,
// or "localhost". 
NSString *sslServerHost = 0;
sslServerHost = @"www.paypal.com";
int sslServerPort = 443;

// Connect to the SSL server:
success = [socket Connect: sslServerHost port: [NSNumber numberWithInt: sslServerPort] ssl: ssl maxWaitMs: [NSNumber numberWithInt: maxWaitMillisec]];
if (success == NO) {
    NSLog(@"%@",socket.LastErrorText);
    return;
}

CkoCert *cert = [[CkoCert alloc] init];

BOOL bExpired;
BOOL bRevoked;
BOOL bSignatureVerified;
BOOL bTrustedRoot;

success = [socket GetServerCert: cert];
if (success != NO) {

    NSLog(@"%@",@"Server Certificate:");
    NSLog(@"%@%@",@"Distinguished Name: ",cert.SubjectDN);
    NSLog(@"%@%@",@"Common Name: ",cert.SubjectCN);
    NSLog(@"%@%@",@"Issuer Distinguished Name: ",cert.IssuerDN);
    NSLog(@"%@%@",@"Issuer Common Name: ",cert.IssuerCN);

    bExpired = cert.Expired;
    bRevoked = cert.Revoked;
    bSignatureVerified = cert.SignatureVerified;
    bTrustedRoot = cert.TrustedRoot;

    NSLog(@"%@%d",@"Expired: ",bExpired);
    NSLog(@"%@%d",@"Revoked: ",bRevoked);
    NSLog(@"%@%d",@"Signature Verified: ",bSignatureVerified);
    NSLog(@"%@%d",@"Trusted Root: ",bTrustedRoot);

}

// Close the connection with the server
// Wait a max of 20 seconds (20000 millsec)
success = [socket Close: [NSNumber numberWithInt: 20000]];