login about faq

I am putting together an SSL Socket connection - using Chilkat Socket component both at the client and the server.

Things seem to be working well - in terms of server receiving messages from the client over SSL (with both client and server using certificates).

Need two things: (1) How do I confirm that the client SSL Authentication is actually taking place? Is there anything at the server end (chilkat socket) that can be used to drop connection if the client authentication fails?

(2) At the client end I am using SetSslClientCert. AT the server end I am using GetReceivedClientCert.

But I can't get the client's certificate at the server end.

Chilkat help talks about "Client certificates are customarily only sent when the server demands client-side authentication, as in 2-way SSL/TLS.". So, with my Chilkat SSL socket server, how do I demand client-side authentication?

asked Aug 17 '16 at 09:04

chilkat's gravatar image

chilkat ♦♦

To require a client-side certificate, call listenSocket.AddSslAcceptableClientCaDn (on the listen socket) prior to calling listenSocket.InitSslServer.

This will set the list of acceptable certificate authority DN's for client certs (a client cert would need to have a chain of authentication that ends in a root cert that is one of the listed DN's). Once you do this, and assuming the client sent the cert, then it should be available via GetReceivedClientCert.


answered Aug 17 '16 at 09:04

chilkat's gravatar image

chilkat ♦♦

Your answer
toggle preview

Follow this question

By Email:

Once you sign in you will be able to subscribe for any updates here



Answers and Comments

Markdown Basics

  • *italic* or __italic__
  • **bold** or __bold__
  • link:[text](http://url.com/ "title")
  • image?![alt text](/path/img.jpg "title")
  • numbered list: 1. Foo 2. Bar
  • to add a line break simply add two spaces to where you would like the new line to be.
  • basic HTML tags are also supported



Asked: Aug 17 '16 at 09:04

Seen: 4,018 times

Last updated: Aug 17 '16 at 09:04

powered by OSQA