|
Forums -> Security Library Forum
The CertVerifyEventHandler is not always triggered |
|
|
by byron guerrero [bguerrero at bancared dot com dot gt] posted on 2003/11/06 |
|
Hello, i make a few changes and then the verifyon class was triggered and it worked just find. But i tried from another computer that do not has a client certificate installed, i run the IE and the window to select a client certificate was displayed, i clicked the ok button and the socket did not validate the certificate and return an answer. Then i activated the TLS option on the IE and then works fine. I need to be able to denied access to the socket if the client try to stablish a connection with the socket using only ssl or if this do not send a client certificate.
Best regards
|
by Pieter Philippaerts [Pieter at mentalis dot org] posted on 2003/11/07 |
|
> i clicked the ok button and the socket did not validate
> the certificate and return an answer.
Do you mean that you specified a CertVerifyEventHandler delegate and that it did not get called even though you used Mutual Authentication? Or do you mean that the server closed the connection after selecting a client certificate in the browser?
Sends data without calling the verify delegate shouldn't happen, of course.
If this is what you meant, can you send me a small but full example project that explains the bug you're seeing? I'm unable to reproduce that behavior on my computer [the verify delegate always gets called - as expected].
Oh, and by the way: what version of the library are you using? Are you using the latest version [v1.0.13.692]? |
by byron guerrero [bguerrero at bancared dot com dot gt] posted on 2003/11/10 |
|
Hello, when i use the Internet Explorer as a client, and the TLS1 option is off, i receive a request of the client certificate as expected, but if i do not have installed a client certificate and press OK, then i receive the response from the socket anyway |
by Pieter Philippaerts [Pieter at mentalis dot org] posted on 2003/11/15 |
|
Everything is working perfectly on my computer. If I connect to a small webserver with mutual authentication enabled, the CertVerifyEventHandler was always called as expected.
Can you post the code you're using? Perhaps you're using a wrong Credential Verification flag... |
|
|