Objective-C
Objective-C
Require SSL Server Certificate Domain Match
See more HTTP Examples
Demonstrates how to require that the SSL server certificate's domain matches the intended domain.Chilkat Objective-C Downloads
#import <CkoHttp.h>
#import <NSString.h>
BOOL success = NO;
// This example assumes the Chilkat API to have been previously unlocked.
// See Global Unlock Sample for sample code.
CkoHttp *http = [[CkoHttp alloc] init];
// Call SetSslCertRequirement to require that the SSL server certificate's domain
// matches only the domain we are intending to communicate with.
// In this example we will test with the URL https://wrong.host.badssl.com/
// which intentionally has an SSL certificate that does not match "wrong.host.badssl.com"
[http SetSslCertRequirement: @"SAN" reqValue: @"wrong.host.badssl.com"];
// Also validate the server cert..
http.RequireSslCertVerify = YES;
// Try sending the request. It should fail within the SSL/TLS handshake
// because the server's certificate does not match the domain "wrong.host.badssl.com"
NSString *html = [http QuickGetStr: @"https://wrong.host.badssl.com/"];
if (http.LastMethodSuccess == NO) {
NSLog(@"%@",http.LastErrorText);
}
else {
NSLog(@"%@",@"Unexpected success.");
}