> I'm currently setting up a connection using OpenSSL for the first 
> I'm unsure when I can conclude (on 
> server side) that a client is fully authenticated.

Not sure if your application is a client or server, but they are similar, 
happens in the HandshakeDone event.

You need to check Errcode, if not zero SSL negotiation has already failed and 
should disconnect.  

If Errcode is zero, and you care about certificates, and set SslVerifyPeer, you 
check if the certificate is basically valid.  But a proper check of the 
chain is more complicated, and either needs a list of root certificates 
to test, or use the Microsoft crypto APIs to let Windows check it's root store.
That easier with the latest ICS v8 today,m using OverbyteIcsMsSslUtils.


To unsubscribe or change your settings for TWSocket mailing list
please goto http://lists.elists.org/cgi-bin/mailman/listinfo/twsocket
Visit our website at http://www.overbyte.be

Reply via email to