|
Forums -> Security Library Forum
CertVerifyEventHandler is not working |
|
|
by byron guerrero [bguerrero at bancared dot com dot gt] posted on 2003/10/28 |
|
Hello, i am trying to use SSL/TLS, but then CertVerifyEventHandler it is not working, i access the socket using the IE and accepts all the calls and i am not sending a client certificate.
SecureProtocol sp = SecureProtocol.Ssl3 | SecureProtocol.Tls1;
SecurityOptions options = new SecurityOptions(sp, cert, ConnectionEnd.Server, Org.Mentalis.Security.Ssl.CredentialVerification.Manual, new CertVerifyEventHandler(OnVerify), "10.231.8.24", Org.Mentalis.Security.Ssl.SecurityFlags.MutualAuthentication, Org.Mentalis.Security.Ssl.SslAlgorithms.RSA_3DES_168_SHA |Org.Mentalis.Security.Ssl.SslAlgorithms.NULL_COMPRESSION , null );
|
by Pieter Philippaerts [Pieter at mentalis dot org] posted on 2003/10/31 |
|
I modified our WebServer example project by replacing the SecurityOptions initialization with the one you posted in your message and by adding a OnVerify method, and everything is working perfectly. If I connect to the WebServer, IE shows a dialog with my client certificates and ask me to select one. If I select one, it is correctly sent to the server and the OnVerify delegate is called with the chosen certificate.
It is possible that IE is sending a client certificate automatically [it does this if you previously connected to the server]. Are you sure the OnVerify delegate isn't called?
If you're still having problems, could you email me a complete example? |
by byron guerrero [bguerrero at bancared dot com dot gt] posted on 2003/11/05 |
|
Hello, i make a few changes and then the verifyon class was triggered and it worked just find. But i tried from another computer that do not has a client certificate installed, i run the IE and the window to select a client certificate was displayed, i clicked the ok button and the socket did not validate the certificate and return an answer. Then i activated the TLS option on the IE and then works fine. I need to be able to denied access to the socket if the client try to stablish a connection with the socket using only ssl or if this do not send a client certificate.
Best regards |
|
|