CloudFlare suffered a massive security issue affecting all of its customers, including Rosetta Code. All passwords not changed since February 19th 2017 have been expired, and session cookie longevity will be reduced until late March.--Michael Mol (talk) 05:15, 25 February 2017 (UTC)


From Rosetta Code
You are encouraged to solve this task according to the task description, using any language you may know.

Demonstrate how to connect to a web server over HTTPS where that server requires that the client present a certificate to prove who (s)he is. Unlike with the HTTPS request with authentication task, it is not acceptable to perform the authentication by a username/password or a set cookie.

This task is in general useful for use with webservice clients as it offers a high level of assurance that the client is an acceptable counterparty for the server. For example, Amazon Web Services uses this style of authentication.


Works with: C sharp version 3.0
using System;
using System.Net;
class Program
class MyWebClient : WebClient
protected override WebRequest GetWebRequest(Uri address)
HttpWebRequest request = (HttpWebRequest)base.GetWebRequest(address);
request.ClientCertificates.Add(new X509Certificate());
return request;
static void Main(string[] args)
var client = new MyWebClient();
var data = client.DownloadString("");


local(sslcert = file('myCert.pem'))
local(x = curl(''))
#x->set(CURLOPT_SSLCERT, #sslcert->readstring)

Mathematica / Wolfram Language[edit]

a = RunThrough["curl -E myCert.pem", 1]
For[ i=0, i < Length[a] , i++, SomeFunction[a]]


(in '(curl "-E" "myCert.pem" "")
(while (line)
(doSomeProcessingWithLine @) ) )


import httplib
connection = httplib.HTTPSConnection('',cert_file='myCert.PEM')
response = connection.getresponse()
data =


Skeleton code to connect to a server:

#lang racket
(require openssl/mzssl)
(define ctx (ssl-make-client-context))
(ssl-set-verify! ctx #t) ; verify the connection
(ssl-load-verify-root-certificates! ctx "my-cert.pem")
(define-values [I O] (ssl-connect "" 443 ctx))


Uses the Tls package.

package require http
package require tls
set cert myCert.p12
http::register https 443 [list \
 ::tls::socket -certfile $cert -password getPass]
proc getPass {} {
return "myPassword"; # Just a noddy example...
# Make a secure authenticated connection
set token [http::geturl]
# Now as for conventional use of the “http” package
set data [http::data $token]
http::cleanup $token


Uses libCurl.

var CURL=Import("zklCurl"), c=CURL();
c.setOpt("SSLCERT","certFile.pem"); c.setOpt("SSLCERTTYPE","pem");
c.get(""); // lame example to show how to read