Discuss this help topic in SecureBlackbox Forum

TElCustomSSLExtensions.CertHashTypes

TElCustomSSLExtensions     


Filter: C#/Java  VB.NET  Pascal  C++  PHP  


This property lets the application to access CertHashTypes extension.

Declaration

[C#/Java]
    TElCertHashTypesSSLExtension CertHashTypes;

[VB.NET]
    Property CertHashTypes As TElCertHashTypesSSLExtension

[Pascal]
    property CertHashTypes : TElCertHashTypesSSLExtension;

[C++]
    TElCertHashTypesSSLExtension* get_CertHashTypes();

[PHP]
    TElCertHashTypesSSLExtension get_CertHashTypes()

Description

    CertHashTypes extension allows to specify hash algorithms for server authentication.
    This extension is supported starting from TLS1.2 and should be used in the following way:

      On client-side:

        a) Set up TElSSLClient.Extensions.CertHashTypes' properties before calling Open method to specify the allowed hash functions to be used for server authentication. Please note, that the server *must* possess the certificate that was signed using the same hash function.
        b) Check TElSSLClient.PeerExtensions.CertHashTypes' properties inside the OnCertificateNeededEx event handler to get the list of hash functions allowed by the server for client authentication. You *must* provide the certificate that was signed using one of the provided hash functions.

      On server-side:

        a) Check TElSSLServer.PeerExtensions.CertHashTypes' properties inside the OnExtensionsReceived event handler in order to get the list of hash functions allowed by the client for server authentication. The certificate that was signed using one of the provided hash functions *must* be available in the CertStorage.
        b) Set TElSSLServer.Extensions.CertHashTypes' properties before calling Open method to specify the allowed hash functions to be used for client authentication. Please note, that the client *must* possess the certificate that was signed using the same hash function.

Discuss this help topic in SecureBlackbox Forum