login about faq

Is two-way TLS supported by Chilkat?

asked Oct 24 '12 at 12:36

chilkat's gravatar image

chilkat ♦♦
11.8k316358420


Two-way TLS is another name for "client certificates".

Yes, all Chilkat classes/objects that support TLS (POP3, SMTP, FTP, HTTP, IMAP, etc.) also provide the ability to provide client certificates.

Here is an explanation of client-side certificates from https://www.owasp.org/index.php/Transport_Layer_Protection_Cheat_Sheet

Client side certificates can be used with TLS to prove the identity of the client to the server. Referred to as "two-way TLS", this configuration requires the client to provide their certificate to the server, in addition to the server providing their's to the client. If client certificates are used, ensure that the same validation of the client certificate is performed by the server, as indicated for the validation of server certificates above. In addition, the server should be configured to drop the TLS connection if the client certificate cannot be verified or is not provided.

The use of client side certificates is relatively rare currently due to the complexities of certificate generation, safe distribution, client side configuration, certificate revocation and reissuance, and the fact that clients can only authenticate on machines where their client side certificate is installed. Such certificates are typically used for very high value connections that have small user populations.

link

answered Oct 24 '12 at 12:38

chilkat's gravatar image

chilkat ♦♦
11.8k316358420

The following methods are common to any class that uses SSL/TLS:

SetSslClientCert
SetSslClientCertPem
SetSslClientCertPfx

These provide a means for the application to specify the client-side cert (and private key) to be used in the SSL/TLS connection.

(Oct 24 '12 at 12:40) chilkat ♦♦
Your answer
toggle preview

Follow this question

By Email:

Once you sign in you will be able to subscribe for any updates here

By RSS:

Answers

Answers and Comments

Markdown Basics

  • *italic* or __italic__
  • **bold** or __bold__
  • link:[text](http://url.com/ "title")
  • image?![alt text](/path/img.jpg "title")
  • numbered list: 1. Foo 2. Bar
  • to add a line break simply add two spaces to where you would like the new line to be.
  • basic HTML tags are also supported

Tags:

×32
×1

Asked: Oct 24 '12 at 12:36

Seen: 1,729 times

Last updated: Oct 24 '12 at 12:40

powered by OSQA