EldoS | Feel safer!

Software components for data protection, secure storage and transfer


Posted: 03/06/2009 09:01:10
by Sandeep Mohan (Standard support level)
Joined: 02/25/2009
Posts: 46

I am trying to use session caching. I have an SSL server which provides session caching. How do I achieve that on the client using SSLBlackbox?

Posted: 03/06/2009 09:44:01
by Ken Ivanov (Team)

It depends on the exact class you are using. If it is an ElSecureClient class, use its Join and Resume methods. If it is an ElSimpleFTPSClient, please use its UseSSLSessionResumption property.
Posted: 03/13/2009 08:48:24
by Sandeep Mohan (Standard support level)
Joined: 02/25/2009
Posts: 46

I looked at the documentation for ElSecureClient for the Join and Resume methods. They, however, don't state when to use them.

How and when do I use them? Is there a sample for this?

Posted: 03/13/2009 09:01:55
by Ken Ivanov (Team)

In general terms, you should pass the instance of the ElSecureClient object that already had a secure session established (either active or closed) to the Join() method of the new ElSecureClient object. Then call the Resume() method of the second ElSecureClient object to make it connect using the secure parameters of the session negotiated by the first ElSecureClient object.
Posted: 03/16/2009 10:58:07
by Sandeep Mohan (Standard support level)
Joined: 02/25/2009
Posts: 46

Is there a way to not close the SSL connection and socket using ElSecureClient? I noticed that Close() is automatically called after data is received from the server.
Posted: 03/16/2009 11:54:13
by Eugene Mayevski (Team)

ElSecureClient doesn't have a socket (nor does it control it). The SSL session might be closed by the remote side or by your socket code.

Sincerely yours
Eugene Mayevski
Posted: 03/17/2009 09:47:23
by Sandeep Mohan (Standard support level)
Joined: 02/25/2009
Posts: 46

Thanks. I checked the server code and saw that I was sending a shutdown, which in turn closes the SSL connection.
I have a server and a client. The server does NOT use SSLBlackbox. The server opens a socket and starts listening. The client makes an SSL connection, sends data and receives data. At this time I am keeping the SSL session open, because the connection between the server and client is supposed to be active and the server does not service multiple clients. I am trying to send more data to the server using the same SSL session through SecureClient.SendData, which did not work. Am I missing something?

Posted: 03/17/2009 12:09:30
by Sandeep Mohan (Standard support level)
Joined: 02/25/2009
Posts: 46

I would like to know how to use the same SecureClient object to send additional data to the server and receive data back from the server without having to bear the burden of opening a new connection. The server does not send a close_notify until the server is terminated, thus enabling the SSL session on the client to be active after sending the initial request.
Posted: 03/18/2009 00:33:25
by Ken Ivanov (Team)

If the physical (TCP) session is closed after the first data exchange, then you need to reconnect the socket first. Then call the ElSecureClient.Resume() method to resume the previous SSL session. If it is the same ElSecureClient object that was used for the first connection, you do not need to call its Join() method prior to resuming.
Posted: 03/18/2009 05:40:41
by Sandeep Mohan (Standard support level)
Joined: 02/25/2009
Posts: 46

The Winsock connection state is 7, which is send and receive, and the ElSecureClient is ACTIVE. But ElSecureClient.Resume gave me an error. I had to do an ElSecureClient.Join before calling Resume. Once I called Resume, even though the TCP connection was open, it did not send anything down to the server. It does trigger the OnSend event when I do a Resume.
The server is set to accept renegotiations.
I don't understand why we need renegotiation, which is nothing but a rehandshake, which is mostly used if the client needs to be authenticated again. The client is active and just performed an SSL handshake, so why should the client have to renegotiate again? Why can't it just use the active connection to send more data?
As of July 15, 2016 EldoS business operates as a division of /n software, inc. For more information, please read the announcement.
