Sample code for 30+ languages & platforms
Pascal (Lazarus/Delphi)

Use Installed Cert on Windows for TLS Client Authentication

See more HTTP Examples

Demonstrates how to use a certificate that has already been installed on a Windows PC for TLS client authentication.

Chilkat Pascal (Lazarus/Delphi) Downloads

Pascal (Lazarus/Delphi)
program ChilkatDemo;

// Demonstrates using the Chilkat Pascal wrapper via the C bridge DLL.
// Builds as a console application under Lazarus (FPC) or Delphi.

{$IFDEF FPC}
  {$MODE DELPHI}
{$ENDIF}
{$APPTYPE CONSOLE}

uses
  {$IFDEF UNIX}
  cthreads,
  {$ENDIF}
  SysUtils,
  CkDllLoader,
  Chilkat.Cert,
  Chilkat.Http;

// ---------------------------------------------------------------------------

procedure RunDemo;
var
  success: Boolean;
  http: THttp;
  cert: TCert;

begin
  success := False;

  //  This example requires the Chilkat API to have been previously unlocked.
  //  See Global Unlock Sample for sample code.

  http := THttp.Create;

  //  On Windows, a pre-installed certificate can be loaded in a number of different ways.
  //  This example loads by the common name:
  cert := TCert.Create;
  success := cert.LoadByCommonName('My ECA Medium Assurance Identity Certificate');
  if (success <> True) then
    begin
      WriteLn(cert.LastErrorText);
      Exit;
    end;

  //  Make sure this certificate has a private key available.  
  //  It should be a private key such that when the certificate was installed, it was marked as "exportable"
  //  so that authorized programs are able to access the private key.
  if (cert.HasPrivateKey() <> True) then
    begin
      WriteLn('A private key is needed for TLS client authentication.');
      WriteLn('This certificate has no private key.');
      Exit;
    end;

  //  Set the certificate to be used for mutual TLS authentication
  //  (i.e. sets the client-side certificate for two-way TLS authentication)
  success := http.SetSslClientCert(cert);
  if (success <> True) then
    begin
      WriteLn(http.LastErrorText);
      Exit;
    end;

  //  At this point, the HTTP object instance is setup with the client-side cert, and any SSL/TLS
  //  connection will automatically use it if the server demands a client-side cert.


  http.Free;
  cert.Free;

end;

// ---------------------------------------------------------------------------

begin

  try
    RunDemo;
  except
    on E: Exception do
      WriteLn('Unhandled exception: ', E.ClassName, ': ', E.Message);
  end;

  WriteLn;
  {$IFDEF MSWINDOWS}
  WriteLn('Press Enter to exit...');
  ReadLn;
  {$ENDIF}
end.