Sample code for 30+ languages & platforms
Objective-C

Require SSL Server Certificate Domain Match

See more HTTP Examples

Demonstrates how to require that the SSL server certificate's domain matches the intended domain.

Chilkat Objective-C Downloads

Objective-C
#import <CkoHttp.h>
#import <NSString.h>

BOOL success = NO;

// This example assumes the Chilkat API to have been previously unlocked.
// See Global Unlock Sample for sample code.

CkoHttp *http = [[CkoHttp alloc] init];

// Call SetSslCertRequirement to require that the SSL server certificate's domain
// matches only the domain we are intending to communicate with.

// In this example we will test with the URL https://wrong.host.badssl.com/
// which intentionally has an SSL certificate that does not match "wrong.host.badssl.com"

[http SetSslCertRequirement: @"SAN" reqValue: @"wrong.host.badssl.com"];

// Also validate the server cert..
http.RequireSslCertVerify = YES;

// Try sending the request.  It should fail within the SSL/TLS handshake
// because the server's certificate does not match the domain "wrong.host.badssl.com"
NSString *html = [http QuickGetStr: @"https://wrong.host.badssl.com/"];
if (http.LastMethodSuccess == NO) {
    NSLog(@"%@",http.LastErrorText);
}
else {
    NSLog(@"%@",@"Unexpected success.");
}