Creating an SSL client is quite simple. The Tcp component communicates with remote hosts via a SegmentedStream object (which adds "enhanced" reading/writing capability) returned by Stream (see the topic PowerTCP Secure Implementation Explained for a more in-depth explanation of the inner workings). Simply call the methods of the Tcp component to communicate securely.
Communicate securely with the Tcp component.
This example demonstrates communicating securely with the Tcp component. In this example, the UseAuthentication property is set to false, meaning the certificate the server sends will be accepted whether it is valid or invalid. Doing this simplifies the example but also reduces certificate control: the client never verifies which server it is talking to, so this setting is suitable only for testing. This is addressed later in this topic.
[C#]
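/// <summary>
/// Minimal SSL client demo: connects to "myserver" on port 443, sends one
/// string and closes the connection.
/// </summary>
/// <remarks>
/// Certificate authentication is switched off, so whatever certificate the
/// server presents is accepted without any check. The server's identity is
/// therefore not verified; keep this setting to test code only.
/// </remarks>
private void SecureTest()
{
    // "Disable" certificate authentication (accept any certificate the server sends).
    // Demo only: with this off, nothing ties the connection to the intended server.
    tcp1.UseAuthentication = false;

    // Connect to a secure server.
    tcp1.Connect("myserver", 443);
    try
    {
        // Send secure data
        tcp1.Send("Test");
    }
    finally
    {
        // Close the connection even when Send throws, so it is not left open.
        tcp1.Close();
    }
}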
[Visual Basic]
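''' <summary>
''' Minimal SSL client demo: connects to "myserver" on port 443, sends one
''' string and closes the connection.
''' </summary>
''' <remarks>
''' Certificate authentication is switched off, so whatever certificate the
''' server presents is accepted without any check. The server's identity is
''' therefore not verified; keep this setting to test code only.
''' </remarks>
Private Sub SecureTest()
    ' "Disable" certificate authentication (accept any certificate the server sends).
    ' Demo only: with this off, nothing ties the connection to the intended server.
    Tcp1.UseAuthentication = False

    ' Connect to a secure server.
    Tcp1.Connect("myserver", 443)
    Try
        ' Send secure data
        Tcp1.Send("Test")
    Finally
        ' Close the connection even when Send throws, so it is not left open.
        Tcp1.Close()
    End Try
End Sub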
Receiving certificates.
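The example above receives the server's certificate but is flawed, mainly because all certificates are automatically accepted. To remedy this, set UseAuthentication = true and decide which certificates are accepted or rejected in the CertificateReceived event. Note that the CertificateReceived handler below still lets the user accept a certificate that failed a check; an application that must never talk to an unverified server should leave e.Accept set to false instead of prompting.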
[C#]
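/// <summary>
/// SSL client demo with certificate authentication enabled: connects to the
/// echo service on "mysecureserver" port 7, sends one string, writes the
/// reply to the debug output and closes the connection.
/// </summary>
/// <remarks>
/// Acceptance of the server certificate is decided in the
/// CertificateReceived event handler.
/// </remarks>
private void SecureTest()
{
    // Turn certificate authentication on explicitly instead of relying on the
    // component's current value (an earlier call may have set it to false).
    tcp1.UseAuthentication = true;

    // Allow component to negotiate best security option
    tcp1.SecureProtocol = SecureProtocol.Auto;

    // Connect to a secure echo server.
    tcp1.Connect("mysecureserver", 7);
    try
    {
        // Send secure data
        tcp1.Send("Test");

        // Receive and display secure data
        System.Diagnostics.Debug.WriteLine(tcp1.Receive().ToString());
    }
    finally
    {
        // Close the connection even when Send or Receive throws.
        tcp1.Close();
    }
}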
/// <summary>
/// Handles the CertificateRequested event: the server has asked for client
/// authentication, so the user is shown a certificate list to choose from.
/// </summary>
/// <param name="sender">Source of the event.</param>
/// <param name="e">Event data (not used).</param>
private void tcp1_CertificateRequested(object sender, System.EventArgs e)
{
    CertificateListForm picker = new CertificateListForm(true, true);
    DialogResult choice = picker.ShowDialog(this);

    // Anything other than OK leaves tcp1.Certificate as it was.
    if (choice != DialogResult.OK)
    {
        return;
    }

    tcp1.Certificate = picker.SelectedCertificate;
}
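/// <summary>
/// Handles the CertificateReceived event: when the server certificate has
/// not been accepted, lists the failed checks and asks the user whether to
/// accept it anyway.
/// </summary>
/// <param name="sender">Source of the event.</param>
/// <param name="e">
/// Certificate check results (TrustedRoot, ValidDate, ValidName) and the
/// Accept flag that this handler may set to true.
/// </param>
/// <remarks>
/// Answering "Yes" overrides a failed check, which means the server's
/// identity has not been established. Applications that must not connect to
/// unverified servers should skip the prompt and leave e.Accept false.
/// </remarks>
private void tcp1_CertificateReceived(object sender, CertificateReceivedEventArgs e)
{
    // NOTE(review): e.Accept is presumably pre-set by the component from its
    // own checks; confirm against the component documentation.
    if (e.Accept)
    {
        return;
    }

    string msg = "The certificate was invalid for the following reason(s)\n";

    // Check to see if the certificate is from a trusted root.
    if (!e.TrustedRoot)
    {
        msg += "This certificate is not from a trusted root\n";
    }

    // Check to see if the certificate has a valid date.
    if (!e.ValidDate)
    {
        msg += "This certificate does not have a valid date\n";
    }

    // Check to see if the certificate has a valid name.
    if (!e.ValidName)
    {
        msg += "This certificate does not have a valid name\n";
    }

    msg += "Would you like to accept this certificate anyway?";

    // Default to "No" so that pressing Enter does not accept an invalid certificate.
    DialogResult answer = MessageBox.Show(
        msg,
        "Invalid Cert Received",
        MessageBoxButtons.YesNo,
        MessageBoxIcon.Warning,
        MessageBoxDefaultButton.Button2);

    if (answer == DialogResult.Yes)
    {
        e.Accept = true;
    }
}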
[Visual Basic]
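''' <summary>
''' SSL client demo with certificate authentication enabled: connects to the
''' echo service on "mysecureserver" port 7, sends one string, writes the
''' reply to the debug output and closes the connection.
''' </summary>
''' <remarks>
''' Acceptance of the server certificate is decided in the
''' CertificateReceived event handler.
''' </remarks>
Private Sub SecureTest()
    ' Turn certificate authentication on explicitly instead of relying on the
    ' component's current value (an earlier call may have set it to False).
    Tcp1.UseAuthentication = True

    ' Allow component to negotiate best security option
    Tcp1.SecureProtocol = SecureProtocol.Auto

    ' Connect to a secure echo server.
    Tcp1.Connect("mysecureserver", 7)
    Try
        ' Send secure data
        Tcp1.Send("Test")

        ' Receive and display secure data
        System.Diagnostics.Debug.WriteLine(Tcp1.Receive().ToString())
    Finally
        ' Close the connection even when Send or Receive throws.
        Tcp1.Close()
    End Try
End Sub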
''' <summary>
''' Handles the CertificateRequested event: the server has asked for client
''' authentication, so the user is shown a certificate list to choose from.
''' </summary>
''' <param name="sender">Source of the event.</param>
''' <param name="e">Event data (not used).</param>
Private Sub Tcp1_CertificateRequested(ByVal sender As Object, ByVal e As System.EventArgs) Handles Tcp1.CertificateRequested
    Dim picker As New CertificateListForm(True, True)
    Dim choice As DialogResult = picker.ShowDialog(Me)

    ' Anything other than OK leaves Tcp1.Certificate as it was.
    If choice <> DialogResult.OK Then
        Return
    End If

    Tcp1.Certificate = picker.SelectedCertificate
End Sub
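''' <summary>
''' Handles the CertificateReceived event: when the server certificate has
''' not been accepted, lists the failed checks and asks the user whether to
''' accept it anyway.
''' </summary>
''' <param name="sender">Source of the event.</param>
''' <param name="e">
''' Certificate check results (TrustedRoot, ValidDate, ValidName) and the
''' Accept flag that this handler may set to True.
''' </param>
''' <remarks>
''' Answering "Yes" overrides a failed check, which means the server's
''' identity has not been established. Applications that must not connect to
''' unverified servers should skip the prompt and leave e.Accept False.
''' </remarks>
Private Sub Tcp1_CertificateReceived(ByVal sender As Object, ByVal e As Dart.PowerTCP.SslSockets.CertificateReceivedEventArgs) Handles Tcp1.CertificateReceived
    ' NOTE(review): e.Accept is presumably pre-set by the component from its
    ' own checks; confirm against the component documentation.
    If e.Accept Then
        Return
    End If

    Dim msg As String = "The certificate was invalid for the following reason(s)" + vbLf

    ' Check to see if the certificate is from a trusted root.
    If (Not e.TrustedRoot) Then
        msg += "This certificate is not from a trusted root" + vbLf
    End If

    ' Check to see if the certificate has a valid date.
    If (Not e.ValidDate) Then
        msg += "This certificate does not have a valid date" + vbLf
    End If

    ' Check to see if the certificate has a valid name.
    If (Not e.ValidName) Then
        msg += "This certificate does not have a valid name" + vbLf
    End If

    msg += "Would you like to accept this certificate anyway?"

    ' Default to "No" so that pressing Enter does not accept an invalid certificate.
    Dim answer As DialogResult = MessageBox.Show(msg, "Invalid Cert Received", MessageBoxButtons.YesNo, MessageBoxIcon.Warning, MessageBoxDefaultButton.Button2)

    If answer = DialogResult.Yes Then
        e.Accept = True
    End If
End Sub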
Documentation version 1.1.2.0.
© 2008 Dart Communications. All rights reserved.