Discuss this help topic in SecureBlackbox Forum

TElX509CertificateValidator.OnAfterCertificateValidation

TElX509CertificateValidator     


Filter: C#/Java  VB.NET  Pascal  C++  PHP  


Notifies about result of validation of certain certificate.

Declaration

[C#/Java]
    event TSBAfterCertificateValidationEvent OnAfterCertificateValidation;
    delegate void TSBAfterCertificateValidationEvent(Object Sender, TElX509Certificate Certificate, TElX509Certificate CACertificate, ref TSBCertificateValidity Validity, ref TSBCertificateValidityReason Reason, ref bool DoContinue);

[VB.NET]
    Event OnAfterCertificateValidation As TSBAfterCertificateValidationEvent
    Delegate Sub TSBAfterCertificateValidationEvent(ByVal Sender As Object, ByVal Certificate As TElX509Certificate, ByVal CACertificate As TElX509Certificate, ByRef Validity As TSBCertificateValidity, ByRef Reason As TSBCertificateValidityReason, ByRef DoContinue As Boolean)

[Pascal]
    property OnAfterCertificateValidation : TSBAfterCertificateValidationEvent;
    TSBAfterCertificateValidationEvent = procedure (Sender : TObject; Certificate, CACertificate : TElX509Certificate; var Validity : TSBCertificateValidity; var Reason : TSBCertificateValidityReason; var DoContinue : boolean) of object;

[C++]
    void get_OnAfterCertificateValidation(TSBAfterCertificateValidationEvent &pMethodOutResult, void * &pDataOutResult);
    void set_OnAfterCertificateValidation(TSBAfterCertificateValidationEvent pMethodValue, void * pDataValue);
    typedef void (SB_CALLBACK *TSBAfterCertificateValidationEvent)(void * _ObjectData, TObjectHandle Sender, TElX509CertificateHandle Certificate, TElX509CertificateHandle CACertificate, TSBCertificateValidityRaw &Validity, TSBCertificateValidityReasonRaw &Reason, int8_t &DoContinue);

[PHP]
    TSBAfterCertificateValidationEvent|callable|NULL get_OnAfterCertificateValidation()
    void set_OnAfterCertificateValidation(TSBAfterCertificateValidationEvent|callable|NULL $Value)
    callable TSBAfterCertificateValidationEvent(TObject $Sender, TElX509Certificate $Certificate, TElX509Certificate $CACertificate, integer &$Validity, integer &$Reason, bool &$DoContinue)

Parameters

  • Certificate - specifies the certificate that has been validated.
  • CACertificate - specifies the certificate which signed the Certificate.
    Can be nil / null / Nothing, if the Certificate is self-signed.
  • Validity - contains determined Validity of the certificate.
  • Reason - contains set of reasons for determined validity.
  • DoContinue - set this parameter to True to continue validation (when applicable) or to False to stop validation.

Possible validity values:


Possible validity reasons:


Description

    This event is fired after certain certificate is validated. Note, that the event is fired not just for certificates in the chain, but also for all certificates, validated during CRL or OCSP checks (i.e. certificates used for signing CRLs and OCSP responses and their CAs). You can use this event to build validation report for the user or to enforce complete validation of the chain (i.e. check CA certificates even when the certificate itself is not valid).
    Certificate Validity "cvSelfSigned" is set for self-signed certificate, which is not found in the list of trusted certificate. Otherwise cvOk validity status is reported.

Discuss this help topic in SecureBlackbox Forum