Sample code for 30+ languages & platforms
PureBasic

Use HTTPS Client Certificate from .cer and .key Files

See more HTTP Examples

Demonstrates how to load a cert + private key from .cer and .key (base64) files and use it for mutual TLS authentication (client-side certificate).

Chilkat PureBasic Downloads

PureBasic
IncludeFile "CkCert.pb"
IncludeFile "CkHttp.pb"
IncludeFile "CkBinData.pb"
IncludeFile "CkPrivateKey.pb"

Procedure ChilkatExample()

    success.i = 0

    ; This example requires the Chilkat API to have been previously unlocked.
    ; See Global Unlock Sample for sample code.

    http.i = CkHttp::ckCreate()
    If http.i = 0
        Debug "Failed to create object."
        ProcedureReturn
    EndIf

    cert.i = CkCert::ckCreate()
    If cert.i = 0
        Debug "Failed to create object."
        ProcedureReturn
    EndIf

    privKey.i = CkPrivateKey::ckCreate()
    If privKey.i = 0
        Debug "Failed to create object."
        ProcedureReturn
    EndIf

    ; Load any type of certificate (.cer, .p7b, .pem, etc.) by calling LoadFromFile.
    success = CkCert::ckLoadFromFile(cert,"qa_data/certs/sample_cert_a.cer")
    If success <> 1
        Debug CkCert::ckLastErrorText(cert)
        CkHttp::ckDispose(http)
        CkCert::ckDispose(cert)
        CkPrivateKey::ckDispose(privKey)
        ProcedureReturn
    EndIf

    ; Load the private key.
    bd.i = CkBinData::ckCreate()
    If bd.i = 0
        Debug "Failed to create object."
        ProcedureReturn
    EndIf

    success = CkBinData::ckLoadFile(bd,"qa_data/certs/sample_key_a.key")
    success = CkPrivateKey::ckLoadAnyFormat(privKey,bd,"privateKeyPasswordIfNecessary")
    If success <> 1
        Debug CkPrivateKey::ckLastErrorText(privKey)
        CkHttp::ckDispose(http)
        CkCert::ckDispose(cert)
        CkPrivateKey::ckDispose(privKey)
        CkBinData::ckDispose(bd)
        ProcedureReturn
    EndIf

    ; Associate the private key with the cert.
    success = CkCert::ckSetPrivateKey(cert,privKey)
    If success <> 1
        Debug CkCert::ckLastErrorText(cert)
        CkHttp::ckDispose(http)
        CkCert::ckDispose(cert)
        CkPrivateKey::ckDispose(privKey)
        CkBinData::ckDispose(bd)
        ProcedureReturn
    EndIf

    ; Set the certificate to be used for mutual TLS authentication
    ; (i.e. sets the client-side certificate for two-way TLS authentication)
    success = CkHttp::ckSetSslClientCert(http,cert)
    If success <> 1
        Debug CkHttp::ckLastErrorText(http)
        CkHttp::ckDispose(http)
        CkCert::ckDispose(cert)
        CkPrivateKey::ckDispose(privKey)
        CkBinData::ckDispose(bd)
        ProcedureReturn
    EndIf

    ; At this point, the HTTP object instance is setup with the client-side cert, and any SSL/TLS
    ; connection will automatically use it if the server demands a client-side cert.


    CkHttp::ckDispose(http)
    CkCert::ckDispose(cert)
    CkPrivateKey::ckDispose(privKey)
    CkBinData::ckDispose(bd)


    ProcedureReturn
EndProcedure