Objective-C
Objective-C
Use a TLS Client Certificate
See more SMTP Examples
Demonstrates the Chilkat MailMan.SetSslClientCert method, which sets the client-side certificate to use for SSL/TLS connections. This is typically not required — most SSL/TLS connections authenticate the server only. This example loads a client certificate from a PFX and uses it when connecting.
Background: In an ordinary TLS handshake only the server presents a certificate, and the client proves who it is later with a password. Mutual TLS adds a second leg: the client also presents a certificate, so it is authenticated cryptographically at the transport layer. Some corporate or high-security mail servers require this. Because the client must prove possession of the key, the certificate needs its private key — hence loading from a PFX.
Chilkat Objective-C Downloads
#import <CkoMailMan.h>
#import <CkoCert.h>
BOOL success = NO;
// Demonstrates the MailMan.SetSslClientCert method, which sets the client-side certificate
// to use for SSL/TLS connections. This is typically not required -- most SSL/TLS
// connections authenticate the server only.
CkoMailMan *mailman = [[CkoMailMan alloc] init];
// Configure the SMTP server connection.
mailman.SmtpHost = @"smtp.example.com";
mailman.SmtpPort = [NSNumber numberWithInt:465];
mailman.SmtpSsl = YES;
mailman.SmtpUsername = @"user@example.com";
mailman.SmtpPassword = @"myPassword";
// Load the client certificate (with its private key) from a PFX file.
CkoCert *cert = [[CkoCert alloc] init];
success = [cert LoadPfxFile: @"qa_data/certs/client.pfx" password: @"pfx_password"];
if (success == NO) {
NSLog(@"%@",cert.LastErrorText);
return;
}
// Use this certificate to identify the client during the TLS handshake.
success = [mailman SetSslClientCert: cert];
if (success == NO) {
NSLog(@"%@",mailman.LastErrorText);
return;
}
success = [mailman VerifySmtpLogin];
if (success == NO) {
NSLog(@"%@",mailman.LastErrorText);
return;
}
NSLog(@"%@",@"Connected using a TLS client certificate.");
// Note: The path "qa_data/certs/client.pfx" is a relative local filesystem path,
// relative to the current working directory of the running application.