Sample code for 30+ languages & platforms
Java

Verify SSL Server Certificate

See more Socket/SSL/TLS Examples

Demonstrates how to connect to an SSL server and verify its SSL certificate.

Chilkat Java Downloads

Java
import com.chilkatsoft.*;

public class ChilkatExample {

  static {
    try {
        System.loadLibrary("chilkat");
    } catch (UnsatisfiedLinkError e) {
      System.err.println("Native code library failed to load.\n" + e);
      System.exit(1);
    }
  }

  public static void main(String argv[])
  {
    boolean success = false;

    // This example requires the Chilkat API to have been previously unlocked.
    // See Global Unlock Sample for sample code.

    CkSocket socket = new CkSocket();

    boolean ssl = true;
    int maxWaitMillisec = 20000;

    // The SSL server hostname may be an IP address, a domain name,
    // or "localhost". 
    String sslServerHost;
    sslServerHost = "www.paypal.com";
    int sslServerPort = 443;

    // Connect to the SSL server:
    success = socket.Connect(sslServerHost,sslServerPort,ssl,maxWaitMillisec);
    if (success == false) {
        System.out.println(socket.lastErrorText());
        return;
        }

    CkCert cert = new CkCert();

    boolean bExpired;
    boolean bRevoked;
    boolean bSignatureVerified;
    boolean bTrustedRoot;

    success = socket.GetServerCert(cert);
    if (success != false) {

        System.out.println("Server Certificate:");
        System.out.println("Distinguished Name: " + cert.subjectDN());
        System.out.println("Common Name: " + cert.subjectCN());
        System.out.println("Issuer Distinguished Name: " + cert.issuerDN());
        System.out.println("Issuer Common Name: " + cert.issuerCN());

        bExpired = cert.get_Expired();
        bRevoked = cert.get_Revoked();
        bSignatureVerified = cert.get_SignatureVerified();
        bTrustedRoot = cert.get_TrustedRoot();

        System.out.println("Expired: " + bExpired);
        System.out.println("Revoked: " + bRevoked);
        System.out.println("Signature Verified: " + bSignatureVerified);
        System.out.println("Trusted Root: " + bTrustedRoot);

        }

    // Close the connection with the server
    // Wait a max of 20 seconds (20000 millsec)
    success = socket.Close(20000);
  }
}