Discuss this help topic in SecureBlackbox Forum


TElSimpleSSLClient     See also     

Filter: C#/Java  VB.NET  Pascal  C++  PHP  

This event is fired when the protocol requires a client certificate.


    event TSBCertificateNeededExEvent OnCertificateNeededEx;
    delegate void TSBCertificateNeededExEvent(Object Sender, ref TElX509Certificate Certificate);

    Event OnCertificateNeededEx As TSBCertificateNeededExEvent
    Delegate Sub TSBCertificateNeededExEvent(ByVal Sender As Object, ByRef Certificate As TElX509Certificate)

    property OnCertificateNeededEx : TSBCertificateNeededExEvent;
    TSBCertificateNeededExEvent = procedure (Sender: TObject; var Certificate : TElX509Certificate) of object;

    void get_OnCertificateNeededEx(TSBCertificateNeededExEvent &pMethodOutResult, void * &pDataOutResult);
    void set_OnCertificateNeededEx(TSBCertificateNeededExEvent pMethodValue, void * pDataValue);
    typedef void (SB_CALLBACK *TSBCertificateNeededExEvent)(void * _ObjectData, TObjectHandle Sender, TElX509CertificateHandle &Certificate);

    TSBCertificateNeededExEvent|callable|NULL get_OnCertificateNeededEx()
    void set_OnCertificateNeededEx(TSBCertificateNeededExEvent|callable|NULL $Value)
    callable TSBCertificateNeededExEvent(TObject $Sender, TElX509Certificate &$Certificate)


  • Certificate - points to instance of TElX509Certificate class (see notes below)


    This event is fired by TElSimpleSSLClient when the negotiated protocol requires a client-side X509 certificate to be used during handshake. TElSimpleSSLClient fires OnCertificateNeededEx event consequently, until the nil/NULL value is passed as Certificate parameter. This gives the ability to pass a certificate chain to server, not only a single certificate. This event should be handled in the following way:

  • Pass the whole certificate chain, beginning at end-entity certificate with a corresponding private key.
  • When the chain is over, pass nil/NULL as Certificate parameter.

OnCertificateNeededEx can accept the certificate which belongs to the certain chain. In this case the whole chain is sent and OnCertificateNeededEx is not fired further.

An alternative to this event is to use ClientCertStorage property.

See also:     OnCertificateValidate     ClientCertStorage    

Discuss this help topic in SecureBlackbox Forum