Sample code for 30+ languages & platforms
Pascal (Lazarus/Delphi)

Verify SSL Server Certificate

See more Socket/SSL/TLS Examples

Demonstrates how to connect to an SSL server and verify its SSL certificate.

Chilkat Pascal (Lazarus/Delphi) Downloads

Pascal (Lazarus/Delphi)
program ChilkatDemo;

// Demonstrates using the Chilkat Pascal wrapper via the C bridge DLL.
// Builds as a console application under Lazarus (FPC) or Delphi.

{$IFDEF FPC}
  {$MODE DELPHI}
{$ENDIF}
{$APPTYPE CONSOLE}

uses
  {$IFDEF UNIX}
  cthreads,
  {$ENDIF}
  SysUtils,
  CkDllLoader,
  Chilkat.Cert,
  Chilkat.Socket;

// ---------------------------------------------------------------------------

procedure RunDemo;
var
  success: Boolean;
  socket: TSocket;
  ssl: Boolean;
  maxWaitMillisec: Integer;
  sslServerHost: string;
  sslServerPort: Integer;
  cert: TCert;
  bExpired: Boolean;
  bRevoked: Boolean;
  bSignatureVerified: Boolean;
  bTrustedRoot: Boolean;

begin
  success := False;

  //  This example requires the Chilkat API to have been previously unlocked.
  //  See Global Unlock Sample for sample code.

  socket := TSocket.Create;

  ssl := True;
  maxWaitMillisec := 20000;

  //  The SSL server hostname may be an IP address, a domain name,
  //  or "localhost". 

  sslServerHost := 'www.paypal.com';
  sslServerPort := 443;

  //  Connect to the SSL server:
  success := socket.Connect(sslServerHost,sslServerPort,ssl,maxWaitMillisec);
  if (success = False) then
    begin
      WriteLn(socket.LastErrorText);
      Exit;
    end;

  cert := TCert.Create;

  success := socket.GetServerCert(cert);
  if (success <> False) then
    begin

      WriteLn('Server Certificate:');
      WriteLn('Distinguished Name: ' + cert.SubjectDN);
      WriteLn('Common Name: ' + cert.SubjectCN);
      WriteLn('Issuer Distinguished Name: ' + cert.IssuerDN);
      WriteLn('Issuer Common Name: ' + cert.IssuerCN);

      bExpired := cert.Expired;
      bRevoked := cert.Revoked;
      bSignatureVerified := cert.SignatureVerified;
      bTrustedRoot := cert.TrustedRoot;

      WriteLn('Expired: ' + bExpired);
      WriteLn('Revoked: ' + bRevoked);
      WriteLn('Signature Verified: ' + bSignatureVerified);
      WriteLn('Trusted Root: ' + bTrustedRoot);

    end;

  //  Close the connection with the server
  //  Wait a max of 20 seconds (20000 millsec)
  success := socket.Close(20000);


  socket.Free;
  cert.Free;

end;

// ---------------------------------------------------------------------------

begin

  try
    RunDemo;
  except
    on E: Exception do
      WriteLn('Unhandled exception: ', E.ClassName, ': ', E.Message);
  end;

  WriteLn;
  {$IFDEF MSWINDOWS}
  WriteLn('Press Enter to exit...');
  ReadLn;
  {$ENDIF}
end.