Sample code for 30+ languages & platforms
Pascal (Lazarus/Delphi)

Use HTTPS Client Certificate from .cer and .key Files

See more HTTP Examples

Demonstrates how to load a cert + private key from .cer and .key (base64) files and use it for mutual TLS authentication (client-side certificate).

Chilkat Pascal (Lazarus/Delphi) Downloads

Pascal (Lazarus/Delphi)
program ChilkatDemo;

// Demonstrates using the Chilkat Pascal wrapper via the C bridge DLL.
// Builds as a console application under Lazarus (FPC) or Delphi.

{$IFDEF FPC}
  {$MODE DELPHI}
{$ENDIF}
{$APPTYPE CONSOLE}

uses
  {$IFDEF UNIX}
  cthreads,
  {$ENDIF}
  SysUtils,
  CkDllLoader,
  Chilkat.Http,
  Chilkat.BinData,
  Chilkat.PrivateKey,
  Chilkat.Cert;

// ---------------------------------------------------------------------------

procedure RunDemo;
var
  success: Boolean;
  http: THttp;
  cert: TCert;
  privKey: TPrivateKey;
  bd: TBinData;

begin
  success := False;

  //  This example requires the Chilkat API to have been previously unlocked.
  //  See Global Unlock Sample for sample code.

  http := THttp.Create;

  cert := TCert.Create;
  privKey := TPrivateKey.Create;

  //  Load any type of certificate (.cer, .p7b, .pem, etc.) by calling LoadFromFile.
  success := cert.LoadFromFile('qa_data/certs/sample_cert_a.cer');
  if (success <> True) then
    begin
      WriteLn(cert.LastErrorText);
      Exit;
    end;

  //  Load the private key.
  bd := TBinData.Create;
  success := bd.LoadFile('qa_data/certs/sample_key_a.key');
  success := privKey.LoadAnyFormat(bd,'privateKeyPasswordIfNecessary');
  if (success <> True) then
    begin
      WriteLn(privKey.LastErrorText);
      Exit;
    end;

  //  Associate the private key with the cert.
  success := cert.SetPrivateKey(privKey);
  if (success <> True) then
    begin
      WriteLn(cert.LastErrorText);
      Exit;
    end;

  //  Set the certificate to be used for mutual TLS authentication
  //  (i.e. sets the client-side certificate for two-way TLS authentication)
  success := http.SetSslClientCert(cert);
  if (success <> True) then
    begin
      WriteLn(http.LastErrorText);
      Exit;
    end;

  //  At this point, the HTTP object instance is setup with the client-side cert, and any SSL/TLS
  //  connection will automatically use it if the server demands a client-side cert.


  http.Free;
  cert.Free;
  privKey.Free;
  bd.Free;

end;

// ---------------------------------------------------------------------------

begin

  try
    RunDemo;
  except
    on E: Exception do
      WriteLn('Unhandled exception: ', E.ClassName, ': ', E.Message);
  end;

  WriteLn;
  {$IFDEF MSWINDOWS}
  WriteLn('Press Enter to exit...');
  ReadLn;
  {$ENDIF}
end.