login about faq

I am putting together an SSL Socket connection - using Chilkat Socket component both at the client and the server.

Things seem to be working well - in terms of server receiving messages from the client over SSL (with both client and server using certificates).

Need two things: (1) How do I confirm that the client SSL Authentication is actually taking place? Is there anything at the server end (chilkat socket) that can be used to drop connection if the client authentication fails?

(2) At the client end I am using SetSslClientCert. AT the server end I am using GetReceivedClientCert.

But I can't get the client's certificate at the server end.

Chilkat help talks about "Client certificates are customarily only sent when the server demands client-side authentication, as in 2-way SSL/TLS.". So, with my Chilkat SSL socket server, how do I demand client-side authentication?

asked Aug 17 at 09:04

chilkat's gravatar image

chilkat ♦♦
11.8k316358420


To require a client-side certificate, call listenSocket.AddSslAcceptableClientCaDn (on the listen socket) prior to calling listenSocket.InitSslServer.

This will set the list of acceptable certificate authority DN's for client certs (a client cert would need to have a chain of authentication that ends in a root cert that is one of the listed DN's). Once you do this, and assuming the client sent the cert, then it should be available via GetReceivedClientCert.

link

answered Aug 17 at 09:04

chilkat's gravatar image

chilkat ♦♦
11.8k316358420

Your answer
toggle preview

Follow this question

By Email:

Once you sign in you will be able to subscribe for any updates here

By RSS:

Answers

Answers and Comments

Markdown Basics

  • *italic* or __italic__
  • **bold** or __bold__
  • link:[text](http://url.com/ "title")
  • image?![alt text](/path/img.jpg "title")
  • numbered list: 1. Foo 2. Bar
  • to add a line break simply add two spaces to where you would like the new line to be.
  • basic HTML tags are also supported

Tags:

×56
×32
×12
×1

Asked: Aug 17 at 09:04

Seen: 194 times

Last updated: Aug 17 at 09:04

powered by OSQA