This is an example SSL Client I created. I looked everywhere and could find no examples in Visual Basic, or C++ for that matter. I did find some commercially available controls but those were upwards of $1,000 for a license. I hope you find this code useful, thanks.
Note: Due to the size or complexity of this submission, the author has submitted it as a .zip file to shorten your download time. Afterdownloading it, you will need a program like Winzip to decompress it.Virus note:All files are scanned once-a-day by Planet Source Code for viruses, but new viruses come
out every day, so no prevention program can catch 100% of them. For your own safety, please:
Re-scan downloaded files using your personal virus checker before using it.
NEVER, EVER run compiled files (.exe's, .ocx's, .dll's etc.)--only run source code.
Scan the source code with Minnow's Project Scanner
If you don't have a virus scanner, you can get one at many places on the net
including:McAfee.com
Terms of Agreement:
By using this code, you agree to the following terms...
You may use
this code in your own programs (and may compile it into a program and distribute it in compiled format for languages that allow it) freely and with no charge.
You MAY NOT redistribute this code (for example to a web site) without written permission from the original author. Failure to do so is a violation of copyright laws.
You may link to this code from another website, but ONLY if it is not wrapped in a frame.
You will abide by any additional copyright restrictions which the author may have placed in the code or code's description.
one word , GREAT! 5 Globes from me .. (can't give you 10 ;) (If this comment was disrespectful, please report it.)
3/3/2003 4:38:21 AM:
Awesome! Exactly what I was looking for 5 Golden Goose's from me! :) (If this comment was disrespectful, please report it.)
3/3/2003 4:41:43 AM:
This is the goodz! I have been looking for so long for some SSL coding but ran into the same problems as you. Thankyou 5 Golden Goose's from me too :) (If this comment was disrespectful, please report it.)
3/3/2003 4:42:31 AM:
I Lies this so much I decided to vote 3 times :) (If this comment was disrespectful, please report it.)
3/3/2003 4:42:40 AM:
I Liked this so much I decided to vote 3 times :) (If this comment was disrespectful, please report it.)
Thanks everyone, I am really glad to see that the code was so well appreciated. I only put it up last night and already I've had so much positive feed back! :-D (If this comment was disrespectful, please report it.)
3/3/2003 1:18:24 PM:
Jason, excellent ! 5 from me. What about a server-part ? (If this comment was disrespectful, please report it.)
3/3/2003 1:20:32 PM:
Thanks a lot, this is what I call usefull :) 5 globes ofcourse! (If this comment was disrespectful, please report it.)
(If this comment was disrespectful, please report it.)
3/3/2003 4:46:11 PM:
Is it ok to ask what an SSL is and are there pills I can take to remove it if I ever become infected with it? The only layer I am wearing are sweats and I though I do find them comfy, they aren't really that much secure let alone come with any sockets. (If this comment was disrespectful, please report it.)
I have no plans at this time to make a server-side example, but to make one would entail generating a private key, and a Certificate for your server. To have a certificate signed by a CA like VeriSign costs some money. In addition you would need to make a few basic changes in the hand shake, but most of the foundation for building an SSL server is in this example. If you need more assistance or clarification please e-mail me. (If this comment was disrespectful, please report it.)
The code is very well done. Simply done and commented well. Great work. (If this comment was disrespectful, please report it.)
3/3/2003 7:45:09 PM:
I have known Jason for a while, and I know he has been working his best on this project for months. I think its very generous for him to post the code to PSC, he got it working just two days ago, then perfected it. 5 globes from me, the code works and is explained well. (If this comment was disrespectful, please report it.)
my question is what is SSL??? i know that it's very secure for your site but isn't this... ur code... just able to connect to it? so it's a client>>> how is it hard to make a client? i don't mean this in a bad way... it's a question (can't u just use the ie and type in https://site.com/ ?) or maybe... ur trying to do it in socket and it needs ur code to encrypt it or watever<<< is it right?thx (If this comment was disrespectful, please report it.)
This is Excelent! This is a nice SSL Client (If this comment was disrespectful, please report it.)
3/9/2003 9:22:05 PM:
This is a great demo! I just implemented it into a VB Control to handle basic HTTP/HTTPS requests. (If this comment was disrespectful, please report it.)
Interesting code on making this SSL thing. It was clear and simple (maybe very easy to use in my own code). Sounds like another thing I could use. (If this comment was disrespectful, please report it.)
3/21/2003 7:14:01 AM:
Hi my friends !
How can I use the SSL type connection in my database local connections ? (with ADO)? (Ex : MySQL and PostgreSQL)
5 globes to me (If this comment was disrespectful, please report it.)
jason 5 ***** globe (If this comment was disrespectful, please report it.)
4/18/2003 9:42:11 PM:
THanks for the code. I couldn't find one for a while and reality had hit me that I would have to write the code myself but I have trouble finding detail information about step-by-step on how does SSL work. Thanks and that help alot... (If this comment was disrespectful, please report it.)
4/19/2003 11:46:09 AM:
This is a great code but where are the headers like Cookie:, Server: and others???
(If this comment was disrespectful, please report it.)
4/19/2003 12:13:01 PM:
problem solved!
5 globes 4 u
p.s. I have another example from microsoft.com. That one is using wininet.dll and it isn't good as yours. (If this comment was disrespectful, please report it.)
You can add the cookie, server, etc. headers into the client if you wish, I kept it as simple as possible and only programmed it to send the HTTP GET command. However this exaple can be used for much more than just HTTPS, there are IRC servers for example which run over SSL. One thing about wininet.dll is it can only be used for HTTPS and HTTP, but not any other kind of protocol. (If this comment was disrespectful, please report it.)
I have use POST instead of GET to login to the paypal but failed & return me index instead of login fail page. How..? (If this comment was disrespectful, please report it.)
I admire your work, GREAT job ! Thanks for sharing this with the community ! If you were a girl, you'd get a kiss :P 5 globies from me!!! (If this comment was disrespectful, please report it.)
7/7/2003 12:25:19 AM:
Jase, Thats bad a$$. Teach me to what you know. (If this comment was disrespectful, please report it.)
Good job!, I have been looking for some SSL code forever! (If this comment was disrespectful, please report it.)
8/19/2003 2:04:34 PM:
Thanks very much for this excellent Code! It's exactly, I was looking for. Greetings from Germany & 5 Globes!
Wolfgang (If this comment was disrespectful, please report it.)
8/20/2003 2:39:52 AM:
Man, really nice job, done and commented very well. I was looking for this for ages, but couldn't find any article on SSL. 5 globes for this piece of art from me! (If this comment was disrespectful, please report it.)
8/20/2003 7:03:01 AM:
My Problem was: I first had to click "Connect" and then click "Send Data". Here is the solution to do it in one way:
'Open Socket to Remote Server Winsock1.Close Winsock1.Connect Text3.Text, 443 Do DoEvents Loop Until Winsock1.State = sckConnected Or Winsock1.State = sckError If Winsock1.State = sckError Then MsgBox "Winsock Error!", vbCritical Do DoEvents Loop Until Layer = 3 ...here the code to send the Data...
(If this comment was disrespectful, please report it.)
9/25/2003 10:38:39 AM:
This is absolutely great code. 5 stars from me. I am also wondering why it does not receive the web page header? Anyways Great job! (If this comment was disrespectful, please report it.)
Any ways that this can be upgraded to work with SSL v3 ? (If this comment was disrespectful, please report it.)
11/18/2003 2:46:00 PM:
Great code!!! 5 stars! Question: How can I add proxy support? I know what proxy headers to add in normal HTTP mode, but not in ssl... Thanks! (If this comment was disrespectful, please report it.)
Would it be possible your still working on this code? I need to be able to set the bit.. aka 128/512 blah blah.. also a FTP example would be very nice! (If this comment was disrespectful, please report it.)
2/2/2004 1:39:15 PM:
Thank You.
I downloaded your code, unzipped it and it ran without error. Thats a first for me.
This will save me a lot of time and frustration which I appreciate you doing on our behalf.
Thanks again.
(If this comment was disrespectful, please report it.)
2/4/2004 9:36:38 PM:
will this code work with SSL v3 ? I have a remote host which only allow me to connect via SSL v3.
Please help. (If this comment was disrespectful, please report it.)
I don't suppose you've got any idea how to implement the other side of the connection, do you? Code to implement SSL in a server program would be incredible :) (If this comment was disrespectful, please report it.)
how can i get the headers from the server after using the GET command? please replay. btw 5 from me as is ;] (If this comment was disrespectful, please report it.)
10/18/2004 2:47:39 PM:
Hi, Is there a chance you can provide a sample for secured FTP access? thank you :-) (If this comment was disrespectful, please report it.)
12/8/2004 8:16:37 PM:
There is an error in the code that prevents uploads of requests greater than 32 KB ... this had stalled my project for a couple of weeks now. With this error fixed, your code has been a great asset to my project. Thanks!
Anyway, here is the solution:
-- In SSL.bas : SSLSend --
... SendAnother = True OtherPart = Mid(Plaintext, 32752) ' This line above must be *before* the one below, or else a null string is returned, limiting request upload to 32 KB Plaintext = Mid(Plaintext, 1, 32751)
... (If this comment was disrespectful, please report it.)
Thank you for that! Such a small bug with such large consequences. (If this comment was disrespectful, please report it.)
2/3/2005 4:53:43 AM:
Jason, has the code been updated or do we need to update the code ourselves according to the bug report above? (If this comment was disrespectful, please report it.)
2/18/2005 1:32:30 PM:
anyway this could be used to login to pops with ssl (If this comment was disrespectful, please report it.)
2/22/2005 3:08:21 PM:
There is also a need to modify the application to receive downloads larger than ~64K. It requires buffering the data received after the connection is made, and then processing when the download is complete. I have e-mailed these changes to Jason ... hopefully he will post it here. (If this comment was disrespectful, please report it.)
As of today I have updated the submission with regards to user-reported bugs. Thanks! Also to all the people asking if this can be used to secure pop, ftp, http, etc, the answer is yes. The various protocols remain exactly the same, they simply work on top of the SSL layer. So to implment http over SSL, send the appropriate information using this project's SSLSend() function as opposed to winsock1.senddata(). I hope this helps :-)
Oh and because I have gotten a large number of people asking how to get cookies or other header information from a web server, you need to send an HTTP 1.1 compliant request. Such as:
GET /index.html HTTP/1.1
In my example I send a much simpler request, because I just wanted to demonstrate the SSL protocol, not so much the HTTP protocol. Thanks for all of the positive feedback. (If this comment was disrespectful, please report it.)
3/14/2005 7:54:33 PM:
Great code! My question is how would I get it to handle client authentication. Like when the server requests a certificate.
Thanks (If this comment was disrespectful, please report it.)
3/27/2005 12:07:50 AM:
Great code! Owe you one!
I tried including http version (HTTP/1.1) in the first line of my https request and the IIS server doesnt send back anything. I wonder if there is a differece in request structure for HTTP and HTTPS.
It worked fine without the http version though. (If this comment was disrespectful, please report it.)
3/28/2005 12:57:28 PM:
What does your request look like? HTTP/1.1 works for me.
Does anyone have any idea about Client Certificates? (If this comment was disrespectful, please report it.)
3/31/2005 4:09:32 PM:
I get Invalid Challenge data from some SSL sites what does this mean? (If this comment was disrespectful, please report it.)
It does not work at all ... What a pity !!! Is anyone able to give a real valid sample of how to pratice ssl communications in VB ? Thanx in advance for the whole community :). (If this comment was disrespectful, please report it.)
i wish i know how i contact with a ssl server or how can o make a server to try it.. but..i looked your code. seems great (If this comment was disrespectful, please report it.)
it works great but when i tried to use to connect gmail server: https://smtp.gmail.com:465 , it response the 'clienthello', but after I send 'SendMasterKey', the connection was closed by server.
I think perhaps gmail use SSL version 3 and your code is only supports version 2?
Would you please provide a SSL version 3 client code? (If this comment was disrespectful, please report it.)
Excellent code! I'm working on implementing TLSv1.1 right now, and this will surely come in handy for a bit.
For y'all who want to take a whack at SSL/TLS for yourself: http://en.wikipedia.org/wiki/Transport_Layer_Security (If this comment was disrespectful, please report it.)
Add Your Feedback
Your feedback will be posted below and an email sent to
the author. Please remember that the author was kind enough to
share this with you, so any criticisms must be stated politely, or they
will be deleted. (For feedback not related to this particular code, please
click here instead.)
By 94 Users
Download code
3/3/2003 3:01:07 AM: 
