Thanks Angus, that answers my question.

Have a nice day!

Merijn


On 12/06/2015 16:13, Angus Robertson - Magenta Systems Ltd wrote:
I'm currently setting up a connection using OpenSSL for the first
I'm unsure when I can conclude (on
server side) that a client is fully authenticated.
Not sure if your application is a client or server, but they are similar, 
everything
happens in the HandshakeDone event.

You need to check Errcode, if not zero SSL negotiation has already failed and 
you
should disconnect.

If Errcode is zero, and you care about certificates, and set SslVerifyPeer, you 
can
check if the certificate is basically valid.  But a proper check of the 
certificate
chain is more complicated, and either needs a list of root certificates 
(hundreds)
to test, or use the Microsoft crypto APIs to let Windows check it's root store.
That easier with the latest ICS v8 today,m using OverbyteIcsMsSslUtils.

Angus


--
To unsubscribe or change your settings for TWSocket mailing list
please goto http://lists.elists.org/cgi-bin/mailman/listinfo/twsocket
Visit our website at http://www.overbyte.be

Reply via email to