Sample code for 30+ languages & platforms
PureBasic

SSL Client Certificate

See more Socket/SSL/TLS Examples

Demonstrates how to connect to an SSL server using a client-side certificate, send a simple message, receive a simple response, and disconnect.

Chilkat PureBasic Downloads

PureBasic
IncludeFile "CkCertStore.pb"
IncludeFile "CkCert.pb"
IncludeFile "CkSocket.pb"
IncludeFile "CkJsonObject.pb"

Procedure ChilkatExample()

    success.i = 0

    ; This example requires the Chilkat API to have been previously unlocked.
    ; See Global Unlock Sample for sample code.

    socket.i = CkSocket::ckCreate()
    If socket.i = 0
        Debug "Failed to create object."
        ProcedureReturn
    EndIf

    ; Create an instance of a certificate store object, load a PFX file,
    ; locate the certificate we need, and use it for signing.
    ; (a PFX file may contain more than one certificate.)
    certStore.i = CkCertStore::ckCreate()
    If certStore.i = 0
        Debug "Failed to create object."
        ProcedureReturn
    EndIf

    ; The 1st argument is the filename, the 2nd arg is the 
    ; PFX file's password:
    success = CkCertStore::ckLoadPfxFile(certStore,"chilkat_secret.pfx","secret")
    If success <> 1
        Debug CkCertStore::ckLastErrorText(certStore)
        CkSocket::ckDispose(socket)
        CkCertStore::ckDispose(certStore)
        ProcedureReturn
    EndIf

    ; Find the certificate by the subject common name:
    jsonCN.i = CkJsonObject::ckCreate()
    If jsonCN.i = 0
        Debug "Failed to create object."
        ProcedureReturn
    EndIf

    CkJsonObject::ckUpdateString(jsonCN,"CN","cert common name")

    cert.i = CkCert::ckCreate()
    If cert.i = 0
        Debug "Failed to create object."
        ProcedureReturn
    EndIf

    success = CkCertStore::ckFindCert(certStore,jsonCN,cert)
    If success = 0
        Debug CkCertStore::ckLastErrorText(certStore)
        CkSocket::ckDispose(socket)
        CkCertStore::ckDispose(certStore)
        CkJsonObject::ckDispose(jsonCN)
        CkCert::ckDispose(cert)
        ProcedureReturn
    EndIf

    success = CkSocket::ckSetSslClientCert(socket,cert)

    ssl.i = 1
    maxWaitMillisec.i = 20000

    ; The SSL server hostname may be an IP address, a domain name,
    ; or "localhost".  You'll need to change this:
    sslServerHost.s
    sslServerHost = "123.123.88.88"
    sslServerPort.i = 8123

    ; Connect to the SSL server:
    success = CkSocket::ckConnect(socket,sslServerHost,sslServerPort,ssl,maxWaitMillisec)
    If success <> 1
        Debug CkSocket::ckLastErrorText(socket)
        CkSocket::ckDispose(socket)
        CkCertStore::ckDispose(certStore)
        CkJsonObject::ckDispose(jsonCN)
        CkCert::ckDispose(cert)
        ProcedureReturn
    EndIf

    ; Set maximum timeouts for reading an writing (in millisec)
    CkSocket::setCkMaxReadIdleMs(socket, 20000)
    CkSocket::setCkMaxSendIdleMs(socket, 20000)

    ; Send a "Hello Server! -EOM-" message:
    success = CkSocket::ckSendString(socket,"Hello Server! -EOM-")
    If success <> 1
        Debug CkSocket::ckLastErrorText(socket)
        CkSocket::ckDispose(socket)
        CkCertStore::ckDispose(certStore)
        CkJsonObject::ckDispose(jsonCN)
        CkCert::ckDispose(cert)
        ProcedureReturn
    EndIf

    ; The server (in this example) is going to send a "Hello Client! -EOM-" 
    ; message.  Read it:
    receivedMsg.s = CkSocket::ckReceiveUntilMatch(socket,"-EOM-")
    If CkSocket::ckLastMethodSuccess(socket) <> 1
        Debug CkSocket::ckLastErrorText(socket)
        CkSocket::ckDispose(socket)
        CkCertStore::ckDispose(certStore)
        CkJsonObject::ckDispose(jsonCN)
        CkCert::ckDispose(cert)
        ProcedureReturn
    EndIf

    ; Close the connection with the server
    ; Wait a max of 20 seconds (20000 millsec)
    success = CkSocket::ckClose(socket,20000)

    Debug receivedMsg


    CkSocket::ckDispose(socket)
    CkCertStore::ckDispose(certStore)
    CkJsonObject::ckDispose(jsonCN)
    CkCert::ckDispose(cert)


    ProcedureReturn
EndProcedure