Unicode C
Unicode C
Verify SSL Server Certificate
See more Socket/SSL/TLS Examples
Demonstrates how to connect to an SSL server and verify its SSL certificate.Chilkat Unicode C Downloads
#include <C_CkSocketW.h>
#include <C_CkCertW.h>
void ChilkatSample(void)
{
BOOL success;
HCkSocketW socket;
BOOL ssl;
int maxWaitMillisec;
const wchar_t *sslServerHost;
int sslServerPort;
HCkCertW cert;
BOOL bExpired;
BOOL bRevoked;
BOOL bSignatureVerified;
BOOL bTrustedRoot;
success = FALSE;
// This example requires the Chilkat API to have been previously unlocked.
// See Global Unlock Sample for sample code.
socket = CkSocketW_Create();
ssl = TRUE;
maxWaitMillisec = 20000;
// The SSL server hostname may be an IP address, a domain name,
// or "localhost".
sslServerHost = L"www.paypal.com";
sslServerPort = 443;
// Connect to the SSL server:
success = CkSocketW_Connect(socket,sslServerHost,sslServerPort,ssl,maxWaitMillisec);
if (success == FALSE) {
wprintf(L"%s\n",CkSocketW_lastErrorText(socket));
CkSocketW_Dispose(socket);
return;
}
cert = CkCertW_Create();
success = CkSocketW_GetServerCert(socket,cert);
if (success != FALSE) {
wprintf(L"Server Certificate:\n");
wprintf(L"Distinguished Name: %s\n",CkCertW_subjectDN(cert));
wprintf(L"Common Name: %s\n",CkCertW_subjectCN(cert));
wprintf(L"Issuer Distinguished Name: %s\n",CkCertW_issuerDN(cert));
wprintf(L"Issuer Common Name: %s\n",CkCertW_issuerCN(cert));
bExpired = CkCertW_getExpired(cert);
bRevoked = CkCertW_getRevoked(cert);
bSignatureVerified = CkCertW_getSignatureVerified(cert);
bTrustedRoot = CkCertW_getTrustedRoot(cert);
wprintf(L"Expired: %d\n",bExpired);
wprintf(L"Revoked: %d\n",bRevoked);
wprintf(L"Signature Verified: %d\n",bSignatureVerified);
wprintf(L"Trusted Root: %d\n",bTrustedRoot);
}
// Close the connection with the server
// Wait a max of 20 seconds (20000 millsec)
success = CkSocketW_Close(socket,20000);
CkSocketW_Dispose(socket);
CkCertW_Dispose(cert);
}