(Tcl) OCSP Check Domain's Server Certificate Revocation Status
Sends an OCSP request to determine the revocation status for an SSL server certificate.
Note: This example requires Chilkat v9.5.0.84 or greater.
load ./chilkat.dll
# This example requires the Chilkat API to have been previously unlocked.
# See Global Unlock Sample for sample code.
set http [new_CkHttp]
# Check the revocation status of the SSL server certificate for chilkatsoft.com
set status [CkHttp_OcspCheck $http "chilkatsoft.com" 443]
puts "chilkatsoft.com status = $status"
# The status can have 4 values:
# -1: Unable to check because of an error.
# 0: Good
# 1: Revoked
# 2: Unknown
if {$status < 0} then {
puts [CkHttp_lastErrorText $http]
}
# Now check the status for a revoked server certificate.
set status [CkHttp_OcspCheck $http "revoked.badssl.com" 443]
puts "revoked.badssl.com status = $status"
delete_CkHttp $http
|
