News  [SoftwareSite

Latest News
Older News
RSS Feed
 
Complete Projects
Useful Classes
Top Downloads
Message Board
AllAPI.net
 
Send Comments
Software License
Mentalis.org Buttons
Donate
 
Forums -> Security Library Forum
 
The CertVerifyEventHandler is not always triggered  
by byron guerrero [bguerrero at bancared dot com dot gt]
posted on 2003/11/06

Hello, i make a few changes and then the verifyon class was triggered and it worked just find. But i tried from another computer that do not has a client certificate installed, i run the IE and the window to select a client certificate was displayed, i clicked the ok button and the socket did not validate the certificate and return an answer. Then i activated the TLS option on the IE and then works fine. I need to be able to denied access to the socket if the client try to stablish a connection with the socket using only ssl or if this do not send a client certificate.

Best regards

by Pieter Philippaerts [Pieter at mentalis dot org]
posted on 2003/11/07

> i clicked the ok button and the socket did not validate
> the certificate and return an answer.

Do you mean that you specified a CertVerifyEventHandler delegate and that it did not get called even though you used Mutual Authentication? Or do you mean that the server closed the connection after selecting a client certificate in the browser?
Sends data without calling the verify delegate shouldn't happen, of course.
If this is what you meant, can you send me a small but full example project that explains the bug you're seeing? I'm unable to reproduce that behavior on my computer [the verify delegate always gets called - as expected].
Oh, and by the way: what version of the library are you using? Are you using the latest version [v1.0.13.692]?

by byron guerrero [bguerrero at bancared dot com dot gt]
posted on 2003/11/10

Hello, when i use the Internet Explorer as a client, and the TLS1 option is off, i receive a request of the client certificate as expected, but if i do not have installed a client certificate and press OK, then i receive the response from the socket anyway

by Pieter Philippaerts [Pieter at mentalis dot org]
posted on 2003/11/15

Everything is working perfectly on my computer. If I connect to a small webserver with mutual authentication enabled, the CertVerifyEventHandler was always called as expected.

Can you post the code you're using? Perhaps you're using a wrong Credential Verification flag...

 

Copyright © 2002-2007, The Mentalis.org Team. All rights reserved.
This site is located at http://www.mentalis.org/
Send comments to the webmaster.