Sample code for 30+ languages & platforms
PureBasic

Socket TLS Mutual Authentication (Client-Side Certificate)

See more Socket/SSL/TLS Examples

This example demonstrates how to provide a client-side certificate, also known as "two-way authentication" or "mutual authentication" for servers that require a client certificate.

Chilkat PureBasic Downloads

PureBasic
IncludeFile "CkSocket.pb"

Procedure ChilkatExample()

    success.i = 0

    ; This example assumes the Chilkat API to have been previously unlocked.
    ; See Global Unlock Sample for sample code.

    sock.i = CkSocket::ckCreate()
    If sock.i = 0
        Debug "Failed to create object."
        ProcedureReturn
    EndIf

    ; Set the certificate to be used for mutual TLS authentication
    ; (i.e. sets the client-side certificate for two-way TLS authentication)
    success = CkSocket::ckSetSslClientCertPfx(sock,"/home/bob/pfxFiles/myClientSideCertWithPrivateKey.pfx","pfxPassword")
    If success <> 1
        Debug CkSocket::ckLastErrorText(sock)
        CkSocket::ckDispose(sock)
        ProcedureReturn
    EndIf

    ; Note: The certificate used for the client-side of TLS mutual authentication
    ; must have the associated private key available. (.pfx/.p12 files typically store both
    ; the certificate and associated private key.)

    ; Establish the connection using the socket object (with client certificate authentication).
    bTls.i = 1
    port.i = 443
    maxWaitMs.i = 5000
    success = CkSocket::ckConnect(sock,"www.example.com",port,bTls,maxWaitMs)
    If success <> 1
        Debug "Connect Failure Error Code: " + Str(CkSocket::ckConnectFailReason(sock))
        Debug CkSocket::ckLastErrorText(sock)
        CkSocket::ckDispose(sock)
        ProcedureReturn
    EndIf

    ; At this point, the Socket object is connected and authenticated using the client-side cert

    ; ...
    ; ..


    CkSocket::ckDispose(sock)


    ProcedureReturn
EndProcedure