Discuss this help topic in SecureBlackbox Forum

Enable or disable SSL/TLS on-the-fly

Most SSL-enabled classes in SecureBlackbox allow switching SSL/TLS on or off "on-the-fly", i.e. while the connection is already established. This makes it possible to implement so-called "explicit SSL" or "explicit TLS" in application-level protocols. For example, SMTP uses the STARTTLS command to switch to SSL/TLS mode explicitly.

To switch SSL on the fly, set up the classes as usual and initiate the connection. Whether SSL is applied during the data transfer is controlled by the Enabled property of the SSL-enabled class. In some components, where the Enabled property name is reserved for other functionality (such as the .NET SSLSocket classes), the SSLEnabled property is used instead. Furthermore, some components have a Passthrough property whose meaning is the opposite of Enabled. While this is confusing, the reason is that many components follow not just common sense, but the traditional naming used in a certain technology or protocol.

If the connection must be TLS-protected from the start, set the Enabled property of the class to true. If the connection is not initially secured, set the Enabled property to false.

To enable TLS explicitly in TElSimpleSSLClient, use its StartTLS method. To disable TLS in TElSimpleSSLClient, use its StopTLS method.

With the TElSSLClient and TElSSLServer classes, use the instructions below.

To switch to SSL mode when the connection is open and working in passthrough mode (i.e. with SSL disabled), you need to:

  1. close the connection using the Close() method, passing it True as the parameter;
  2. set the Enabled property to true;
  3. initiate the connection via the SSL-enabled class.

To switch SSL mode off when the connection is open and working in SSL/TLS mode:

  1. close the connection using the Close() method, passing it True as the parameter;
  2. set the Enabled property to false.
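
The explicit switch described in this topic, shown at the protocol level for SMTP STARTTLS as an added example (not SecureBlackbox code): it uses Python's standard ssl module, and `PlainPhase`, `starttls_upgrade` and `client.example` are names made up for the illustration. The refusal to continue when STARTTLS is not offered and the check for leftover plaintext go beyond what this topic states.

```python
import socket
import ssl

class ExplicitTLSError(Exception):
    """Raised when the plaintext phase must not be upgraded."""

class PlainPhase:
    """Line reader with a visible buffer, so leftover plaintext can be detected."""
    def __init__(self, sock):
        self.sock, self.buf = sock, b""

    def reply(self):
        """Read one SMTP reply (possibly multi-line); return (code, text_lines)."""
        lines = []
        while True:
            while b"\n" not in self.buf:
                chunk = self.sock.recv(4096)
                if not chunk:
                    raise ExplicitTLSError("peer closed during plaintext phase")
                self.buf += chunk
            raw, self.buf = self.buf.split(b"\n", 1)
            line = raw.rstrip(b"\r").decode("ascii", "replace")
            if len(line) < 3 or not line[:3].isdigit():
                raise ExplicitTLSError("malformed reply: %r" % line)
            lines.append(line[4:])
            if line[3:4] != "-":          # "250-" continues, "250 " ends the reply
                return int(line[:3]), lines

def starttls_upgrade(sock, hostname, wrap=None):
    """Run the plaintext phase on a connected socket, then switch it to TLS."""
    if wrap is None:                      # default: certificate-verifying stdlib TLS
        wrap = ssl.create_default_context().wrap_socket
    plain = PlainPhase(sock)
    if plain.reply()[0] != 220:
        raise ExplicitTLSError("unexpected greeting")
    sock.sendall(b"EHLO client.example\r\n")   # constructed client name
    code, caps = plain.reply()
    # caps[0] is the server's greeting line; extensions follow it
    offered = {c.split()[0].upper() for c in caps[1:] if c.strip()}
    if code != 250 or "STARTTLS" not in offered:
        raise ExplicitTLSError("STARTTLS not offered; not continuing in plaintext")
    sock.sendall(b"STARTTLS\r\n")
    if plain.reply()[0] != 220:
        raise ExplicitTLSError("server refused STARTTLS")
    if plain.buf:                         # bytes that arrived before TLS began
        raise ExplicitTLSError("plaintext data after STARTTLS reply")
    return wrap(sock, server_hostname=hostname)
```
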

How To articles about common SSL/TLS questions
