Java
Java
Verify SSL Server Certificate
See more Socket/SSL/TLS Examples
Demonstrates how to connect to an SSL server and verify its SSL certificate.Chilkat Java Downloads
import com.chilkatsoft.*;
public class ChilkatExample {
static {
try {
System.loadLibrary("chilkat");
} catch (UnsatisfiedLinkError e) {
System.err.println("Native code library failed to load.\n" + e);
System.exit(1);
}
}
public static void main(String argv[])
{
boolean success = false;
// This example requires the Chilkat API to have been previously unlocked.
// See Global Unlock Sample for sample code.
CkSocket socket = new CkSocket();
boolean ssl = true;
int maxWaitMillisec = 20000;
// The SSL server hostname may be an IP address, a domain name,
// or "localhost".
String sslServerHost;
sslServerHost = "www.paypal.com";
int sslServerPort = 443;
// Connect to the SSL server:
success = socket.Connect(sslServerHost,sslServerPort,ssl,maxWaitMillisec);
if (success == false) {
System.out.println(socket.lastErrorText());
return;
}
CkCert cert = new CkCert();
boolean bExpired;
boolean bRevoked;
boolean bSignatureVerified;
boolean bTrustedRoot;
success = socket.GetServerCert(cert);
if (success != false) {
System.out.println("Server Certificate:");
System.out.println("Distinguished Name: " + cert.subjectDN());
System.out.println("Common Name: " + cert.subjectCN());
System.out.println("Issuer Distinguished Name: " + cert.issuerDN());
System.out.println("Issuer Common Name: " + cert.issuerCN());
bExpired = cert.get_Expired();
bRevoked = cert.get_Revoked();
bSignatureVerified = cert.get_SignatureVerified();
bTrustedRoot = cert.get_TrustedRoot();
System.out.println("Expired: " + bExpired);
System.out.println("Revoked: " + bRevoked);
System.out.println("Signature Verified: " + bSignatureVerified);
System.out.println("Trusted Root: " + bTrustedRoot);
}
// Close the connection with the server
// Wait a max of 20 seconds (20000 millsec)
success = socket.Close(20000);
}
}