PureBasic
PureBasic
Use Installed Cert on Windows for TLS Client Authentication
See more HTTP Examples
Demonstrates how to use a certificate that has already been installed on a Windows PC for TLS client authentication.Chilkat PureBasic Downloads
IncludeFile "CkCert.pb"
IncludeFile "CkHttp.pb"
Procedure ChilkatExample()
success.i = 0
; This example requires the Chilkat API to have been previously unlocked.
; See Global Unlock Sample for sample code.
http.i = CkHttp::ckCreate()
If http.i = 0
Debug "Failed to create object."
ProcedureReturn
EndIf
; On Windows, a pre-installed certificate can be loaded in a number of different ways.
; This example loads by the common name:
cert.i = CkCert::ckCreate()
If cert.i = 0
Debug "Failed to create object."
ProcedureReturn
EndIf
success = CkCert::ckLoadByCommonName(cert,"My ECA Medium Assurance Identity Certificate")
If success <> 1
Debug CkCert::ckLastErrorText(cert)
CkHttp::ckDispose(http)
CkCert::ckDispose(cert)
ProcedureReturn
EndIf
; Make sure this certificate has a private key available.
; It should be a private key such that when the certificate was installed, it was marked as "exportable"
; so that authorized programs are able to access the private key.
If CkCert::ckHasPrivateKey(cert) <> 1
Debug "A private key is needed for TLS client authentication."
Debug "This certificate has no private key."
CkHttp::ckDispose(http)
CkCert::ckDispose(cert)
ProcedureReturn
EndIf
; Set the certificate to be used for mutual TLS authentication
; (i.e. sets the client-side certificate for two-way TLS authentication)
success = CkHttp::ckSetSslClientCert(http,cert)
If success <> 1
Debug CkHttp::ckLastErrorText(http)
CkHttp::ckDispose(http)
CkCert::ckDispose(cert)
ProcedureReturn
EndIf
; At this point, the HTTP object instance is setup with the client-side cert, and any SSL/TLS
; connection will automatically use it if the server demands a client-side cert.
CkHttp::ckDispose(http)
CkCert::ckDispose(cert)
ProcedureReturn
EndProcedure