Sample code for 30+ languages & platforms
Objective-C

Use a TLS Client Certificate

See more SMTP Examples

Demonstrates the Chilkat MailMan.SetSslClientCert method, which sets the client-side certificate to use for SSL/TLS connections. This is typically not required — most SSL/TLS connections authenticate the server only. This example loads a client certificate from a PFX and uses it when connecting.

Background: In an ordinary TLS handshake only the server presents a certificate, and the client proves who it is later with a password. Mutual TLS adds a second leg: the client also presents a certificate, so it is authenticated cryptographically at the transport layer. Some corporate or high-security mail servers require this. Because the client must prove possession of the key, the certificate needs its private key — hence loading from a PFX.

Chilkat Objective-C Downloads

Objective-C
#import <CkoMailMan.h>
#import <CkoCert.h>

BOOL success = NO;

//  Demonstrates the MailMan.SetSslClientCert method, which sets the client-side certificate
//  to use for SSL/TLS connections.  This is typically not required -- most SSL/TLS
//  connections authenticate the server only.

CkoMailMan *mailman = [[CkoMailMan alloc] init];

//  Configure the SMTP server connection.
mailman.SmtpHost = @"smtp.example.com";
mailman.SmtpPort = [NSNumber numberWithInt:465];
mailman.SmtpSsl = YES;
mailman.SmtpUsername = @"user@example.com";
mailman.SmtpPassword = @"myPassword";

//  Load the client certificate (with its private key) from a PFX file.
CkoCert *cert = [[CkoCert alloc] init];
success = [cert LoadPfxFile: @"qa_data/certs/client.pfx" password: @"pfx_password"];
if (success == NO) {
    NSLog(@"%@",cert.LastErrorText);
    return;
}

//  Use this certificate to identify the client during the TLS handshake.
success = [mailman SetSslClientCert: cert];
if (success == NO) {
    NSLog(@"%@",mailman.LastErrorText);
    return;
}

success = [mailman VerifySmtpLogin];
if (success == NO) {
    NSLog(@"%@",mailman.LastErrorText);
    return;
}

NSLog(@"%@",@"Connected using a TLS client certificate.");

//  Note: The path "qa_data/certs/client.pfx" is a relative local filesystem path,
//  relative to the current working directory of the running application.