SSLClient Control

Properties   Methods   Events   Config Settings   Errors  

The SSLClient Control is a generic Transmission Control Protocol (TCP) stream client based on an asynchronous, event-driven architecture.

Syntax

SSLClient

Remarks

The SSLClient Control supports Secure Sockets Layer/Transport Layer Security (SSL/TLS) connections. When connecting over Secure Sockets Layer/Transport Layer Security (SSL/TLS) the SSLServerAuthentication event allows you to check the server identity and other security attributes. The SSLStatus event provides information about the SSL handshake. Additional SSL-related settings are also supported through the Config method.

Our main goal in designing SSLClient was ease of use. The control has a minimum number of properties and five events: Connected, DataIn, Disconnected, ReadyToSend, and Error. The events are relatively self-explanatory.

The connection is attempted by calling the Connect method or setting the Connected property to True, and then waiting for the Connected event. The destination is defined by setting RemoteHost and RemotePort. Data are sent by calling the Send method with Text as a parameter.

To disconnect, you just call the Disconnect method or set the Connected property to False. The Linger property controls how the connection is terminated.

The operation of the control is almost completely asynchronous. All of the calls, except the ones that deal with domain name resolution, operate through asynchronous messages (no blocking calls). The gain in performance is considerable compared with using blocking calls.

Property List

The following is the full list of the properties of the control with short descriptions. Click on the links for further details.

Method List

The following is the full list of the methods of the control with short descriptions. Click on the links for further details.

Event List

The following is the full list of the events fired by the control with short descriptions. Click on the links for further details.

Config Settings

The following is a list of config settings for the control with short descriptions. Click on the links for further details.

AcceptData Property (SSLClient Control)

This property indicates whether data reception is currently enabled.

Syntax

sslclientcontrol.AcceptData

Default Value

True

Remarks

This property indicates whether data reception is currently enabled. When , data reception is disabled and the DataIn event will not fire. Use the PauseData and ProcessData methods to pause and resume data reception.

This property is read-only and not available at design time.

Data Type

Boolean

BytesSent Property (SSLClient Control)

This property includes the number of bytes actually sent after a call to the SendBytes method.

Syntax

sslclientcontrol.BytesSent

Default Value

0

Remarks

This property indicates how many bytes were sent after the last call to SendBytes. Please check the SendBytes method for more information.

Note: that BytesSent will always return 0 when the control is operating in synchronous mode (i.e., the Timeout property is set to a positive value.)

This property is read-only and not available at design time.

Data Type

Integer

Connected Property (SSLClient Control)

This property indicates whether the control is connected.

Syntax

sslclientcontrol.Connected

Default Value

False

Remarks

This property indicates whether the control is connected to the remote host. Use the Connect and Disconnect methods to manage the connection.

This property is read-only and not available at design time.

Data Type

Boolean

EOL Property (SSLClient Control)

This property is used to break the incoming data stream into chunks separated by EOL .

Syntax

sslclientcontrol.EOL[=string]

Default Value

""

Remarks

This property is used to define boundaries in the input stream using the value of the property.

This property is especially useful with ASCII files. Setting it to CRLF (Chr$(13) & Chr$(10)) enables the incoming ASCII text stream to split into defined lines. In this case, one event is fired for each line received (as well as in packet boundaries). The CRLF (Chr$(13) & Chr$(10)) bytes are discarded.

This property is a binary string. Notably, this means that it can be more than one byte long, and it can contain NULL bytes.

To read or write binary data to the property, a Variant (Byte Array) version is provided in .EOLB.

Data Type

Binary String

FirewallAutoDetect Property (SSLClient Control)

Whether to automatically detect and use firewall system settings, if available.

Syntax

sslclientcontrol.FirewallAutoDetect[=boolean]

Default Value

False

Remarks

Whether to automatically detect and use firewall system settings, if available.

Data Type

Boolean

FirewallType Property (SSLClient Control)

The type of firewall to connect through.

Syntax

sslclientcontrol.FirewallType[=integer]

Possible Values

fwNone(0), 
fwTunnel(1), 
fwSOCKS4(2), 
fwSOCKS5(3), 
fwSOCKS4A(10)

Default Value

0

Remarks

The type of firewall to connect through. The applicable values are as follows:

Data Type

Integer

FirewallHost Property (SSLClient Control)

The name or IP address of the firewall (optional).

Syntax

sslclientcontrol.FirewallHost[=string]

Default Value

""

Remarks

The name or IP address of the firewall (optional). If a FirewallHost is given, the requested connections will be authenticated through the specified firewall when connecting.

If this property is set to a Domain Name, a DNS request is initiated. Upon successful termination of the request, this property is set to the corresponding address. If the search is not successful, the control fails with an error.

Data Type

String

FirewallPassword Property (SSLClient Control)

A password if authentication is to be used when connecting through the firewall.

Syntax

sslclientcontrol.FirewallPassword[=string]

Default Value

""

Remarks

A password if authentication is to be used when connecting through the firewall. If FirewallHost is specified, the FirewallUser and FirewallPassword properties are used to connect and authenticate to the given firewall. If the authentication fails, the control fails with an error.

Data Type

String

FirewallPort Property (SSLClient Control)

The Transmission Control Protocol (TCP) port for the firewall Host .

Syntax

sslclientcontrol.FirewallPort[=integer]

Default Value

0

Remarks

The Transmission Control Protocol (TCP) port for the firewall FirewallHost. See the description of the FirewallHost property for details.

Note: This property is set automatically when FirewallType is set to a valid value. See the description of the FirewallType property for details.

Data Type

Integer

FirewallUser Property (SSLClient Control)

A username if authentication is to be used when connecting through a firewall.

Syntax

sslclientcontrol.FirewallUser[=string]

Default Value

""

Remarks

A username if authentication is to be used when connecting through a firewall. If FirewallHost is specified, this property and the FirewallPassword property are used to connect and authenticate to the given Firewall. If the authentication fails, the control fails with an error.

Data Type

String

KeepAlive Property (SSLClient Control)

When True, KEEPALIVE packets are enabled (for long connections).

Syntax

sslclientcontrol.KeepAlive[=boolean]

Default Value

False

Remarks

The KeepAlive enables the SO_KEEPALIVE option on the socket. This option prevents long connections from timing out in case of inactivity.

Note: System Transmission Control Protocol (TCP)/IP stack implementations are not required to support SO_KEEPALIVE.

Data Type

Boolean

Linger Property (SSLClient Control)

When set to True, this property ensures that connections are terminated gracefully.

Syntax

sslclientcontrol.Linger[=boolean]

Default Value

True

Remarks

This property controls how a connection is closed. The default is True.

In the case that Linger is True (default), two scenarios determine how long the connection will linger. In the first, if LingerTime is 0 (default), the system will attempt to send pending data for a connection until the default IP timeout expires.

In the second scenario, if LingerTime is a positive value, the system will attempt to send pending data until the specified LingerTime is reached. If this attempt fails, then the system will reset the connection.

The default behavior (which is also the default mode for stream sockets) might result in a long delay in closing the connection. Although the control returns control immediately, the system could hold system resources until all pending data are sent (even after your application closes).

Setting this property to False forces an immediate disconnection. If you know that the other side has received all the data you sent (e.g., by a client acknowledgment), setting this property to False might be the appropriate course of action.

Data Type

Boolean

LocalHost Property (SSLClient Control)

The name of the local host or user-assigned IP interface through which connections are initiated or accepted.

Syntax

sslclientcontrol.LocalHost[=string]

Default Value

""

Remarks

This property contains the name of the local host as obtained by the gethostname() system call, or if the user has assigned an IP address, the value of that address.

In multihomed hosts (machines with more than one IP interface) setting LocalHost to the IP address of an interface will make the control initiate connections (or accept in the case of server controls) only through that interface. It is recommended to provide an IP address rather than a hostname when setting this property to ensure the desired interface is used.

If the control is connected, the LocalHost property shows the IP address of the interface through which the connection is made in internet dotted format (aaa.bbb.ccc.ddd). In most cases, this is the address of the local host, except for multihomed hosts (machines with more than one IP interface).

Note: LocalHost is not persistent. You must always set it in code, and never in the property window.

Data Type

String

LocalPort Property (SSLClient Control)

The TCP port in the local host where the control binds.

Syntax

sslclientcontrol.LocalPort[=integer]

Default Value

0

Remarks

This property must be set before a connection is attempted. It instructs the control to bind to a specific port (or communication endpoint) in the local machine.

Setting this property to 0 (default) enables the system to choose an open port at random. The chosen port will be returned by the LocalPort property after the connection is established.

LocalPort cannot be changed once a connection is made. Any attempt to set this property when a connection is active will generate an error.

This property is useful when trying to connect to services that require a trusted port on the client side.

Data Type

Integer

ReadyToSend Property (SSLClient Control)

This property indicates whether the control is ready to send data.

Syntax

sslclientcontrol.ReadyToSend

Default Value

False

Remarks

This property indicates that the underlying Transmission Control Protocol (TCP)/IP subsystem is ready to accept data. This is True after connecting to the remote host and will become False after a failed SendBytes.

After a failed SendBytes, the ReadyToSend event will fire and this property will be True when data can be sent again.

This property is read-only and not available at design time.

Data Type

Boolean

RecordLength Property (SSLClient Control)

This property indicates the length of received data records.

Syntax

sslclientcontrol.RecordLength

Default Value

0

Remarks

This property holds the current record length set by ChangeRecordLength. When this value is a positive number, the control will accumulate data until RecordLength is reached and only then will fire the DataIn event with the data of length RecordLength. This allows data to be received as records of known length. This value can be changed at any time by calling ChangeRecordLength, including within the DataIn event.

A value of 0 (default) means this setting is not used.

This property is read-only and not available at design time.

Data Type

Integer

RemoteHost Property (SSLClient Control)

This property includes the address of the remote host. Domain names are resolved to IP addresses.

Syntax

sslclientcontrol.RemoteHost[=string]

Default Value

""

Remarks

This property specifies the IP address (IP number in dotted internet format) or the domain name of the remote host. It is set before a connection is attempted and cannot be changed once a connection is established.

If this property is set to a domain name, a DNS request is initiated, and upon successful termination of the request, this property is set to the corresponding address. If the search is not successful, an error is returned.

If the control is configured to use a SOCKS firewall, the value assigned to this property may be preceded with an "*". If this is the case, the host name is passed to the firewall unresolved and the firewall performs the DNS resolution.

Example. Connecting:

TCPClientControl.RemoteHost = "MyHostNameOrIP" TCPClientControl.RemotePort = 777 TCPClientControl.Connected = true

Data Type

String

RemotePort Property (SSLClient Control)

This property includes the Transmission Control Protocol (TCP) port in the remote host.

Syntax

sslclientcontrol.RemotePort[=integer]

Default Value

0

Remarks

This property specifies a service port on the remote host to connect to.

A valid port number (a value between 1 and 65535) is required for the connection to take place. The property must be set before a connection is attempted and cannot be changed once a connection is established. Any attempt to change this property while connected will fail with an error.

Data Type

Integer

SingleLineMode Property (SSLClient Control)

This property includes a special mode for line-oriented protocols.

Syntax

sslclientcontrol.SingleLineMode[=boolean]

Default Value

False

Remarks

When this property is set to True, the control treats the incoming data stream as lines separated by carriage return line feed (CRLF), CR, or LF. The EOL property is ignored.

When this property is set to True, AcceptData automatically will be set to False. Please refer to the GetLine method for more information.

This property is not available at design time.

Data Type

Boolean

SSLAcceptServerCertEffectiveDate Property (SSLClient Control)

The date on which this certificate becomes valid.

Syntax

sslclientcontrol.SSLAcceptServerCertEffectiveDate

Default Value

""

Remarks

The date on which this certificate becomes valid. Before this date, it is not valid. The date is localized to the system's time zone. The following example illustrates the format of an encoded date:

23-Jan-2000 15:00:00.

This property is read-only.

Data Type

String

SSLAcceptServerCertExpirationDate Property (SSLClient Control)

The date on which the certificate expires.

Syntax

sslclientcontrol.SSLAcceptServerCertExpirationDate

Default Value

""

Remarks

The date on which the certificate expires. After this date, the certificate will no longer be valid. The date is localized to the system's time zone. The following example illustrates the format of an encoded date:

23-Jan-2001 15:00:00.

This property is read-only.

Data Type

String

SSLAcceptServerCertExtendedKeyUsage Property (SSLClient Control)

A comma-delimited list of extended key usage identifiers.

Syntax

sslclientcontrol.SSLAcceptServerCertExtendedKeyUsage

Default Value

""

Remarks

A comma-delimited list of extended key usage identifiers. These are the same as ASN.1 object identifiers (OIDs).

This property is read-only.

Data Type

String

SSLAcceptServerCertFingerprint Property (SSLClient Control)

The hex-encoded, 16-byte MD5 fingerprint of the certificate.

Syntax

sslclientcontrol.SSLAcceptServerCertFingerprint

Default Value

""

Remarks

The hex-encoded, 16-byte MD5 fingerprint of the certificate. This property is primarily used for keys which do not have a corresponding X.509 public certificate, such as PEM keys that only contain a private key. It is commonly used for SSH keys.

The following example illustrates the format: bc:2a:72:af:fe:58:17:43:7a:5f:ba:5a:7c:90:f7:02

This property is read-only.

Data Type

String

SSLAcceptServerCertFingerprintSHA1 Property (SSLClient Control)

The hex-encoded, 20-byte SHA-1 fingerprint of the certificate.

Syntax

sslclientcontrol.SSLAcceptServerCertFingerprintSHA1

Default Value

""

Remarks

The hex-encoded, 20-byte SHA-1 fingerprint of the certificate. This property is primarily used for keys which do not have a corresponding X.509 public certificate, such as PEM keys that only contain a private key. It is commonly used for SSH keys.

The following example illustrates the format: 30:7b:fa:38:65:83:ff:da:b4:4e:07:3f:17:b8:a4:ed:80:be:ff:84

This property is read-only.

Data Type

String

SSLAcceptServerCertFingerprintSHA256 Property (SSLClient Control)

The hex-encoded, 32-byte SHA-256 fingerprint of the certificate.

Syntax

sslclientcontrol.SSLAcceptServerCertFingerprintSHA256

Default Value

""

Remarks

The hex-encoded, 32-byte SHA-256 fingerprint of the certificate. This property is primarily used for keys which do not have a corresponding X.509 public certificate, such as PEM keys that only contain a private key. It is commonly used for SSH keys.

The following example illustrates the format: 6a:80:5c:33:a9:43:ea:b0:96:12:8a:64:96:30:ef:4a:8a:96:86:ce:f4:c7:be:10:24:8e:2b:60:9e:f3:59:53

This property is read-only.

Data Type

String

SSLAcceptServerCertIssuer Property (SSLClient Control)

The issuer of the certificate.

Syntax

sslclientcontrol.SSLAcceptServerCertIssuer

Default Value

""

Remarks

The issuer of the certificate. This property contains a string representation of the name of the issuing authority for the certificate.

This property is read-only.

Data Type

String

SSLAcceptServerCertPrivateKey Property (SSLClient Control)

The private key of the certificate (if available).

Syntax

sslclientcontrol.SSLAcceptServerCertPrivateKey

Default Value

""

Remarks

The private key of the certificate (if available). The key is provided as PEM/Base64-encoded data.

Note: The SSLAcceptServerCertPrivateKey may be available but not exportable. In this case, SSLAcceptServerCertPrivateKey returns an empty string.

This property is read-only.

Data Type

String

SSLAcceptServerCertPrivateKeyAvailable Property (SSLClient Control)

Whether a PrivateKey is available for the selected certificate.

Syntax

sslclientcontrol.SSLAcceptServerCertPrivateKeyAvailable

Default Value

False

Remarks

Whether a SSLAcceptServerCertPrivateKey is available for the selected certificate. If SSLAcceptServerCertPrivateKeyAvailable is True, the certificate may be used for authentication purposes (e.g., server authentication).

This property is read-only.

Data Type

Boolean

SSLAcceptServerCertPrivateKeyContainer Property (SSLClient Control)

The name of the PrivateKey container for the certificate (if available).

Syntax

sslclientcontrol.SSLAcceptServerCertPrivateKeyContainer

Default Value

""

Remarks

The name of the SSLAcceptServerCertPrivateKey container for the certificate (if available). This functionality is available only on Windows platforms.

This property is read-only.

Data Type

String

SSLAcceptServerCertPublicKey Property (SSLClient Control)

The public key of the certificate.

Syntax

sslclientcontrol.SSLAcceptServerCertPublicKey

Default Value

""

Remarks

The public key of the certificate. The key is provided as PEM/Base64-encoded data.

This property is read-only.

Data Type

String

SSLAcceptServerCertPublicKeyAlgorithm Property (SSLClient Control)

The textual description of the certificate's public key algorithm.

Syntax

sslclientcontrol.SSLAcceptServerCertPublicKeyAlgorithm

Default Value

""

Remarks

The textual description of the certificate's public key algorithm. The property contains either the name of the algorithm (e.g., "RSA" or "RSA_DH") or an object identifier (OID) string representing the algorithm.

This property is read-only.

Data Type

String

SSLAcceptServerCertPublicKeyLength Property (SSLClient Control)

The length of the certificate's public key (in bits).

Syntax

sslclientcontrol.SSLAcceptServerCertPublicKeyLength

Default Value

0

Remarks

The length of the certificate's public key (in bits). Common values are 512, 1024, and 2048.

This property is read-only.

Data Type

Integer

SSLAcceptServerCertSerialNumber Property (SSLClient Control)

The serial number of the certificate encoded as a string.

Syntax

sslclientcontrol.SSLAcceptServerCertSerialNumber

Default Value

""

Remarks

The serial number of the certificate encoded as a string. The number is encoded as a series of hexadecimal digits, with each pair representing a byte of the serial number.

This property is read-only.

Data Type

String

SSLAcceptServerCertSignatureAlgorithm Property (SSLClient Control)

The text description of the certificate's signature algorithm.

Syntax

sslclientcontrol.SSLAcceptServerCertSignatureAlgorithm

Default Value

""

Remarks

The text description of the certificate's signature algorithm. The property contains either the name of the algorithm (e.g., "RSA" or "RSA_MD5RSA") or an object identifier (OID) string representing the algorithm.

This property is read-only.

Data Type

String

SSLAcceptServerCertStore Property (SSLClient Control)

The name of the certificate store for the client certificate.

Syntax

sslclientcontrol.SSLAcceptServerCertStore[=string]

Default Value

"MY"

Remarks

The name of the certificate store for the client certificate.

The SSLAcceptServerCertStoreType property denotes the type of the certificate store specified by SSLAcceptServerCertStore. If the store is password-protected, specify the password in SSLAcceptServerCertStorePassword.

SSLAcceptServerCertStore is used in conjunction with the SSLAcceptServerCertSubject property to specify client certificates. If SSLAcceptServerCertStore has a value, and SSLAcceptServerCertSubject or SSLAcceptServerCertEncoded is set, a search for a certificate is initiated. Please see the SSLAcceptServerCertSubject property for details.

Designations of certificate stores are platform dependent.

The following designations are the most common User and Machine certificate stores in Windows:

When the certificate store type is cstPFXFile, this property must be set to the name of the file. When the type is cstPFXBlob, the property must be set to the binary contents of a PFX file (i.e., PKCS#12 certificate store).

To read or write binary data to the property, a Variant (Byte Array) version is provided in .SSLAcceptServerCertStoreB.

Data Type

Binary String

SSLAcceptServerCertStorePassword Property (SSLClient Control)

If the type of certificate store requires a password, this property is used to specify the password needed to open the certificate store.

Syntax

sslclientcontrol.SSLAcceptServerCertStorePassword[=string]

Default Value

""

Remarks

If the type of certificate store requires a password, this property is used to specify the password needed to open the certificate store.

Data Type

String

SSLAcceptServerCertStoreType Property (SSLClient Control)

The type of certificate store for this certificate.

Syntax

sslclientcontrol.SSLAcceptServerCertStoreType[=integer]

Possible Values

cstUser(0), 
cstMachine(1), 
cstPFXFile(2), 
cstPFXBlob(3), 
cstJKSFile(4), 
cstJKSBlob(5), 
cstPEMKeyFile(6), 
cstPEMKeyBlob(7), 
cstPublicKeyFile(8), 
cstPublicKeyBlob(9), 
cstSSHPublicKeyBlob(10), 
cstP7BFile(11), 
cstP7BBlob(12), 
cstSSHPublicKeyFile(13), 
cstPPKFile(14), 
cstPPKBlob(15), 
cstXMLFile(16), 
cstXMLBlob(17), 
cstJWKFile(18), 
cstJWKBlob(19), 
cstSecurityKey(20), 
cstBCFKSFile(21), 
cstBCFKSBlob(22), 
cstPKCS11(23), 
cstAuto(99)

Default Value

0

Remarks

The type of certificate store for this certificate.

The control supports both public and private keys in a variety of formats. When the cstAuto value is used, the control will automatically determine the type. This property can take one of the following values:

Data Type

Integer

SSLAcceptServerCertSubjectAltNames Property (SSLClient Control)

Comma-separated lists of alternative subject names for the certificate.

Syntax

sslclientcontrol.SSLAcceptServerCertSubjectAltNames

Default Value

""

Remarks

Comma-separated lists of alternative subject names for the certificate.

This property is read-only.

Data Type

String

SSLAcceptServerCertThumbprintMD5 Property (SSLClient Control)

The MD5 hash of the certificate.

Syntax

sslclientcontrol.SSLAcceptServerCertThumbprintMD5

Default Value

""

Remarks

The MD5 hash of the certificate. It is primarily used for X.509 certificates. If the hash does not already exist, it is automatically computed.

This property is read-only.

Data Type

String

SSLAcceptServerCertThumbprintSHA1 Property (SSLClient Control)

The SHA-1 hash of the certificate.

Syntax

sslclientcontrol.SSLAcceptServerCertThumbprintSHA1

Default Value

""

Remarks

The SHA-1 hash of the certificate. It is primarily used for X.509 certificates. If the hash does not already exist, it is automatically computed.

This property is read-only.

Data Type

String

SSLAcceptServerCertThumbprintSHA256 Property (SSLClient Control)

The SHA-256 hash of the certificate.

Syntax

sslclientcontrol.SSLAcceptServerCertThumbprintSHA256

Default Value

""

Remarks

The SHA-256 hash of the certificate. It is primarily used for X.509 certificates. If the hash does not already exist, it is automatically computed.

This property is read-only.

Data Type

String

SSLAcceptServerCertUsage Property (SSLClient Control)

The text description of UsageFlags .

Syntax

sslclientcontrol.SSLAcceptServerCertUsage

Default Value

""

Remarks

The text description of SSLAcceptServerCertUsageFlags.

This value will be one or more of the following strings and will be separated by commas:

• Digital Signature
• Non-Repudiation
• Key Encipherment
• Data Encipherment
• Key Agreement
• Certificate Signing
• CRL Signing
• Encipher Only

If the provider is OpenSSL, the value is a comma-separated list of X.509 certificate extension names.

This property is read-only.

Data Type

String

SSLAcceptServerCertUsageFlags Property (SSLClient Control)

The flags that show intended use for the certificate.

Syntax

sslclientcontrol.SSLAcceptServerCertUsageFlags

Default Value

0

Remarks

The flags that show intended use for the certificate. The value of SSLAcceptServerCertUsageFlags is a combination of the following flags:

Please see the SSLAcceptServerCertUsage property for a text representation of SSLAcceptServerCertUsageFlags.

This functionality currently is not available when the provider is OpenSSL.

This property is read-only.

Data Type

Integer

SSLAcceptServerCertVersion Property (SSLClient Control)

The certificate's version number.

Syntax

sslclientcontrol.SSLAcceptServerCertVersion

Default Value

""

Remarks

The certificate's version number. The possible values are the strings "V1", "V2", and "V3".

This property is read-only.

Data Type

String

SSLAcceptServerCertSubject Property (SSLClient Control)

The subject of the certificate used for client authentication.

Syntax

sslclientcontrol.SSLAcceptServerCertSubject[=string]

Default Value

""

Remarks

The subject of the certificate used for client authentication.

This property must be set after all other certificate properties are set. When this property is set, a search is performed in the current certificate store to locate a certificate with a matching subject.

If a matching certificate is found, the property is set to the full subject of the matching certificate.

If an exact match is not found, the store is searched for subjects containing the value of the property.

If a match is still not found, the property is set to an empty string, and no certificate is selected.

The special value "*" picks a random certificate in the certificate store.

The certificate subject is a comma-separated list of distinguished name fields and values. For instance, "CN=www.server.com, OU=test, C=US, E=support@nsoftware.com". Common fields and their meanings are as follows:

If a field value contains a comma, it must be quoted.

Data Type

String

SSLAcceptServerCertEncoded Property (SSLClient Control)

The certificate (PEM/Base64 encoded).

Syntax

sslclientcontrol.SSLAcceptServerCertEncoded[=string]

Default Value

""

Remarks

The certificate (PEM/Base64 encoded). This property is used to assign a specific certificate. The SSLAcceptServerCertStore and SSLAcceptServerCertSubject properties also may be used to specify a certificate.

When SSLAcceptServerCertEncoded is set, a search is initiated in the current SSLAcceptServerCertStore for the private key of the certificate. If the key is found, SSLAcceptServerCertSubject is updated to reflect the full subject of the selected certificate; otherwise, SSLAcceptServerCertSubject is set to an empty string.

To read or write binary data to the property, a Variant (Byte Array) version is provided in .SSLAcceptServerCertEncodedB.

This property is not available at design time.

Data Type

Binary String

SSLCertEffectiveDate Property (SSLClient Control)

The date on which this certificate becomes valid.

Syntax

sslclientcontrol.SSLCertEffectiveDate

Default Value

""

Remarks

The date on which this certificate becomes valid. Before this date, it is not valid. The date is localized to the system's time zone. The following example illustrates the format of an encoded date:

23-Jan-2000 15:00:00.

This property is read-only.

Data Type

String

SSLCertExpirationDate Property (SSLClient Control)

The date on which the certificate expires.

Syntax

sslclientcontrol.SSLCertExpirationDate

Default Value

""

Remarks

The date on which the certificate expires. After this date, the certificate will no longer be valid. The date is localized to the system's time zone. The following example illustrates the format of an encoded date:

23-Jan-2001 15:00:00.

This property is read-only.

Data Type

String

SSLCertExtendedKeyUsage Property (SSLClient Control)

A comma-delimited list of extended key usage identifiers.

Syntax

sslclientcontrol.SSLCertExtendedKeyUsage

Default Value

""

Remarks

A comma-delimited list of extended key usage identifiers. These are the same as ASN.1 object identifiers (OIDs).

This property is read-only.

Data Type

String

SSLCertFingerprint Property (SSLClient Control)

The hex-encoded, 16-byte MD5 fingerprint of the certificate.

Syntax

sslclientcontrol.SSLCertFingerprint

Default Value

""

Remarks

The hex-encoded, 16-byte MD5 fingerprint of the certificate. This property is primarily used for keys which do not have a corresponding X.509 public certificate, such as PEM keys that only contain a private key. It is commonly used for SSH keys.

The following example illustrates the format: bc:2a:72:af:fe:58:17:43:7a:5f:ba:5a:7c:90:f7:02

This property is read-only.

Data Type

String

SSLCertFingerprintSHA1 Property (SSLClient Control)

The hex-encoded, 20-byte SHA-1 fingerprint of the certificate.

Syntax

sslclientcontrol.SSLCertFingerprintSHA1

Default Value

""

Remarks

The hex-encoded, 20-byte SHA-1 fingerprint of the certificate. This property is primarily used for keys which do not have a corresponding X.509 public certificate, such as PEM keys that only contain a private key. It is commonly used for SSH keys.

The following example illustrates the format: 30:7b:fa:38:65:83:ff:da:b4:4e:07:3f:17:b8:a4:ed:80:be:ff:84

This property is read-only.

Data Type

String

SSLCertFingerprintSHA256 Property (SSLClient Control)

The hex-encoded, 32-byte SHA-256 fingerprint of the certificate.

Syntax

sslclientcontrol.SSLCertFingerprintSHA256

Default Value

""

Remarks

The hex-encoded, 32-byte SHA-256 fingerprint of the certificate. This property is primarily used for keys which do not have a corresponding X.509 public certificate, such as PEM keys that only contain a private key. It is commonly used for SSH keys.

The following example illustrates the format: 6a:80:5c:33:a9:43:ea:b0:96:12:8a:64:96:30:ef:4a:8a:96:86:ce:f4:c7:be:10:24:8e:2b:60:9e:f3:59:53

This property is read-only.

Data Type

String

SSLCertIssuer Property (SSLClient Control)

The issuer of the certificate.

Syntax

sslclientcontrol.SSLCertIssuer

Default Value

""

Remarks

The issuer of the certificate. This property contains a string representation of the name of the issuing authority for the certificate.

This property is read-only.

Data Type

String

SSLCertPrivateKey Property (SSLClient Control)

The private key of the certificate (if available).

Syntax

sslclientcontrol.SSLCertPrivateKey

Default Value

""

Remarks

The private key of the certificate (if available). The key is provided as PEM/Base64-encoded data.

Note: The SSLCertPrivateKey may be available but not exportable. In this case, SSLCertPrivateKey returns an empty string.

This property is read-only.

Data Type

String

SSLCertPrivateKeyAvailable Property (SSLClient Control)

Whether a PrivateKey is available for the selected certificate.

Syntax

sslclientcontrol.SSLCertPrivateKeyAvailable

Default Value

False

Remarks

Whether a SSLCertPrivateKey is available for the selected certificate. If SSLCertPrivateKeyAvailable is True, the certificate may be used for authentication purposes (e.g., server authentication).

This property is read-only.

Data Type

Boolean

SSLCertPrivateKeyContainer Property (SSLClient Control)

The name of the PrivateKey container for the certificate (if available).

Syntax

sslclientcontrol.SSLCertPrivateKeyContainer

Default Value

""

Remarks

The name of the SSLCertPrivateKey container for the certificate (if available). This functionality is available only on Windows platforms.

This property is read-only.

Data Type

String

SSLCertPublicKey Property (SSLClient Control)

The public key of the certificate.

Syntax

sslclientcontrol.SSLCertPublicKey

Default Value

""

Remarks

The public key of the certificate. The key is provided as PEM/Base64-encoded data.

This property is read-only.

Data Type

String

SSLCertPublicKeyAlgorithm Property (SSLClient Control)

The textual description of the certificate's public key algorithm.

Syntax

sslclientcontrol.SSLCertPublicKeyAlgorithm

Default Value

""

Remarks

The textual description of the certificate's public key algorithm. The property contains either the name of the algorithm (e.g., "RSA" or "RSA_DH") or an object identifier (OID) string representing the algorithm.

This property is read-only.

Data Type

String

SSLCertPublicKeyLength Property (SSLClient Control)

The length of the certificate's public key (in bits).

Syntax

sslclientcontrol.SSLCertPublicKeyLength

Default Value

0

Remarks

The length of the certificate's public key (in bits). Common values are 512, 1024, and 2048.

This property is read-only.

Data Type

Integer

SSLCertSerialNumber Property (SSLClient Control)

The serial number of the certificate encoded as a string.

Syntax

sslclientcontrol.SSLCertSerialNumber

Default Value

""

Remarks

The serial number of the certificate encoded as a string. The number is encoded as a series of hexadecimal digits, with each pair representing a byte of the serial number.

This property is read-only.

Data Type

String

SSLCertSignatureAlgorithm Property (SSLClient Control)

The text description of the certificate's signature algorithm.

Syntax

sslclientcontrol.SSLCertSignatureAlgorithm

Default Value

""

Remarks

The text description of the certificate's signature algorithm. The property contains either the name of the algorithm (e.g., "RSA" or "RSA_MD5RSA") or an object identifier (OID) string representing the algorithm.

This property is read-only.

Data Type

String

SSLCertStore Property (SSLClient Control)

The name of the certificate store for the client certificate.

Syntax

sslclientcontrol.SSLCertStore[=string]

Default Value

"MY"

Remarks

The name of the certificate store for the client certificate.

The SSLCertStoreType property denotes the type of the certificate store specified by SSLCertStore. If the store is password-protected, specify the password in SSLCertStorePassword.

SSLCertStore is used in conjunction with the SSLCertSubject property to specify client certificates. If SSLCertStore has a value, and SSLCertSubject or SSLCertEncoded is set, a search for a certificate is initiated. Please see the SSLCertSubject property for details.

Designations of certificate stores are platform dependent.

The following designations are the most common User and Machine certificate stores in Windows:

When the certificate store type is cstPFXFile, this property must be set to the name of the file. When the type is cstPFXBlob, the property must be set to the binary contents of a PFX file (i.e., PKCS#12 certificate store).

To read or write binary data to the property, a Variant (Byte Array) version is provided in .SSLCertStoreB.

Data Type

Binary String

SSLCertStorePassword Property (SSLClient Control)

If the type of certificate store requires a password, this property is used to specify the password needed to open the certificate store.

Syntax

sslclientcontrol.SSLCertStorePassword[=string]

Default Value

""

Remarks

If the type of certificate store requires a password, this property is used to specify the password needed to open the certificate store.

Data Type

String

SSLCertStoreType Property (SSLClient Control)

The type of certificate store for this certificate.

Syntax

sslclientcontrol.SSLCertStoreType[=integer]

Possible Values

cstUser(0), 
cstMachine(1), 
cstPFXFile(2), 
cstPFXBlob(3), 
cstJKSFile(4), 
cstJKSBlob(5), 
cstPEMKeyFile(6), 
cstPEMKeyBlob(7), 
cstPublicKeyFile(8), 
cstPublicKeyBlob(9), 
cstSSHPublicKeyBlob(10), 
cstP7BFile(11), 
cstP7BBlob(12), 
cstSSHPublicKeyFile(13), 
cstPPKFile(14), 
cstPPKBlob(15), 
cstXMLFile(16), 
cstXMLBlob(17), 
cstJWKFile(18), 
cstJWKBlob(19), 
cstSecurityKey(20), 
cstBCFKSFile(21), 
cstBCFKSBlob(22), 
cstPKCS11(23), 
cstAuto(99)

Default Value

0

Remarks

The type of certificate store for this certificate.

The control supports both public and private keys in a variety of formats. When the cstAuto value is used, the control will automatically determine the type. This property can take one of the following values:

Data Type

Integer

SSLCertSubjectAltNames Property (SSLClient Control)

Comma-separated lists of alternative subject names for the certificate.

Syntax

sslclientcontrol.SSLCertSubjectAltNames

Default Value

""

Remarks

Comma-separated lists of alternative subject names for the certificate.

This property is read-only.

Data Type

String

SSLCertThumbprintMD5 Property (SSLClient Control)

The MD5 hash of the certificate.

Syntax

sslclientcontrol.SSLCertThumbprintMD5

Default Value

""

Remarks

The MD5 hash of the certificate. It is primarily used for X.509 certificates. If the hash does not already exist, it is automatically computed.

This property is read-only.

Data Type

String

SSLCertThumbprintSHA1 Property (SSLClient Control)

The SHA-1 hash of the certificate.

Syntax

sslclientcontrol.SSLCertThumbprintSHA1

Default Value

""

Remarks

The SHA-1 hash of the certificate. It is primarily used for X.509 certificates. If the hash does not already exist, it is automatically computed.

This property is read-only.

Data Type

String

SSLCertThumbprintSHA256 Property (SSLClient Control)

The SHA-256 hash of the certificate.

Syntax

sslclientcontrol.SSLCertThumbprintSHA256

Default Value

""

Remarks

The SHA-256 hash of the certificate. It is primarily used for X.509 certificates. If the hash does not already exist, it is automatically computed.

This property is read-only.

Data Type

String

SSLCertUsage Property (SSLClient Control)

The text description of UsageFlags .

Syntax

sslclientcontrol.SSLCertUsage

Default Value

""

Remarks

The text description of SSLCertUsageFlags.

This value will be one or more of the following strings and will be separated by commas:

• Digital Signature
• Non-Repudiation
• Key Encipherment
• Data Encipherment
• Key Agreement
• Certificate Signing
• CRL Signing
• Encipher Only

If the provider is OpenSSL, the value is a comma-separated list of X.509 certificate extension names.

This property is read-only.

Data Type

String

SSLCertUsageFlags Property (SSLClient Control)

The flags that show intended use for the certificate.

Syntax

sslclientcontrol.SSLCertUsageFlags

Default Value

0

Remarks

The flags that show intended use for the certificate. The value of SSLCertUsageFlags is a combination of the following flags:

Please see the SSLCertUsage property for a text representation of SSLCertUsageFlags.

This functionality currently is not available when the provider is OpenSSL.

This property is read-only.

Data Type

Integer

SSLCertVersion Property (SSLClient Control)

The certificate's version number.

Syntax

sslclientcontrol.SSLCertVersion

Default Value

""

Remarks

The certificate's version number. The possible values are the strings "V1", "V2", and "V3".

This property is read-only.

Data Type

String

SSLCertSubject Property (SSLClient Control)

The subject of the certificate used for client authentication.

Syntax

sslclientcontrol.SSLCertSubject[=string]

Default Value

""

Remarks

The subject of the certificate used for client authentication.

This property must be set after all other certificate properties are set. When this property is set, a search is performed in the current certificate store to locate a certificate with a matching subject.

If a matching certificate is found, the property is set to the full subject of the matching certificate.

If an exact match is not found, the store is searched for subjects containing the value of the property.

If a match is still not found, the property is set to an empty string, and no certificate is selected.

The special value "*" picks a random certificate in the certificate store.

The certificate subject is a comma-separated list of distinguished name fields and values. For instance, "CN=www.server.com, OU=test, C=US, E=support@nsoftware.com". Common fields and their meanings are as follows:

If a field value contains a comma, it must be quoted.

Data Type

String

SSLCertEncoded Property (SSLClient Control)

The certificate (PEM/Base64 encoded).

Syntax

sslclientcontrol.SSLCertEncoded[=string]

Default Value

""

Remarks

The certificate (PEM/Base64 encoded). This property is used to assign a specific certificate. The SSLCertStore and SSLCertSubject properties also may be used to specify a certificate.

When SSLCertEncoded is set, a search is initiated in the current SSLCertStore for the private key of the certificate. If the key is found, SSLCertSubject is updated to reflect the full subject of the selected certificate; otherwise, SSLCertSubject is set to an empty string.

To read or write binary data to the property, a Variant (Byte Array) version is provided in .SSLCertEncodedB.

This property is not available at design time.

Data Type

Binary String

SSLProvider Property (SSLClient Control)

The Secure Sockets Layer/Transport Layer Security (SSL/TLS) implementation to use.

Syntax

sslclientcontrol.SSLProvider[=integer]

Possible Values

sslpAutomatic(0), 
sslpPlatform(1), 
sslpInternal(2)

Default Value

0

Remarks

This property specifies the SSL/TLS implementation to use. In most cases the default value of 0 (Automatic) is recommended and should not be changed. When set to 0 (Automatic), the control will select whether to use the platform implementation or the internal implementation depending on the operating system as well as the TLS version being used.

Possible values are as follows:

In most cases using the default value (Automatic) is recommended. The control will select a provider depending on the current platform.

When Automatic is selected, the platform implementation is used by default. When TLS 1.3 is enabled via SSLEnabledProtocols, the internal implementation is used.

Data Type

Integer

SSLServerCertEffectiveDate Property (SSLClient Control)

The date on which this certificate becomes valid.

Syntax

sslclientcontrol.SSLServerCertEffectiveDate

Default Value

""

Remarks

The date on which this certificate becomes valid. Before this date, it is not valid. The date is localized to the system's time zone. The following example illustrates the format of an encoded date:

23-Jan-2000 15:00:00.

This property is read-only.

Data Type

String

SSLServerCertExpirationDate Property (SSLClient Control)

The date on which the certificate expires.

Syntax

sslclientcontrol.SSLServerCertExpirationDate

Default Value

""

Remarks

The date on which the certificate expires. After this date, the certificate will no longer be valid. The date is localized to the system's time zone. The following example illustrates the format of an encoded date:

23-Jan-2001 15:00:00.

This property is read-only.

Data Type

String

SSLServerCertExtendedKeyUsage Property (SSLClient Control)

A comma-delimited list of extended key usage identifiers.

Syntax

sslclientcontrol.SSLServerCertExtendedKeyUsage

Default Value

""

Remarks

A comma-delimited list of extended key usage identifiers. These are the same as ASN.1 object identifiers (OIDs).

This property is read-only.

Data Type

String

SSLServerCertFingerprint Property (SSLClient Control)

The hex-encoded, 16-byte MD5 fingerprint of the certificate.

Syntax

sslclientcontrol.SSLServerCertFingerprint

Default Value

""

Remarks

The hex-encoded, 16-byte MD5 fingerprint of the certificate. This property is primarily used for keys which do not have a corresponding X.509 public certificate, such as PEM keys that only contain a private key. It is commonly used for SSH keys.

The following example illustrates the format: bc:2a:72:af:fe:58:17:43:7a:5f:ba:5a:7c:90:f7:02

This property is read-only.

Data Type

String

SSLServerCertFingerprintSHA1 Property (SSLClient Control)

The hex-encoded, 20-byte SHA-1 fingerprint of the certificate.

Syntax

sslclientcontrol.SSLServerCertFingerprintSHA1

Default Value

""

Remarks

The hex-encoded, 20-byte SHA-1 fingerprint of the certificate. This property is primarily used for keys which do not have a corresponding X.509 public certificate, such as PEM keys that only contain a private key. It is commonly used for SSH keys.

The following example illustrates the format: 30:7b:fa:38:65:83:ff:da:b4:4e:07:3f:17:b8:a4:ed:80:be:ff:84

This property is read-only.

Data Type

String

SSLServerCertFingerprintSHA256 Property (SSLClient Control)

The hex-encoded, 32-byte SHA-256 fingerprint of the certificate.

Syntax

sslclientcontrol.SSLServerCertFingerprintSHA256

Default Value

""

Remarks

The hex-encoded, 32-byte SHA-256 fingerprint of the certificate. This property is primarily used for keys which do not have a corresponding X.509 public certificate, such as PEM keys that only contain a private key. It is commonly used for SSH keys.

The following example illustrates the format: 6a:80:5c:33:a9:43:ea:b0:96:12:8a:64:96:30:ef:4a:8a:96:86:ce:f4:c7:be:10:24:8e:2b:60:9e:f3:59:53

This property is read-only.

Data Type

String

SSLServerCertIssuer Property (SSLClient Control)

The issuer of the certificate.

Syntax

sslclientcontrol.SSLServerCertIssuer

Default Value

""

Remarks

The issuer of the certificate. This property contains a string representation of the name of the issuing authority for the certificate.

This property is read-only.

Data Type

String

SSLServerCertPrivateKey Property (SSLClient Control)

The private key of the certificate (if available).

Syntax

sslclientcontrol.SSLServerCertPrivateKey

Default Value

""

Remarks

The private key of the certificate (if available). The key is provided as PEM/Base64-encoded data.

Note: The SSLServerCertPrivateKey may be available but not exportable. In this case, SSLServerCertPrivateKey returns an empty string.

This property is read-only.

Data Type

String

SSLServerCertPrivateKeyAvailable Property (SSLClient Control)

Whether a PrivateKey is available for the selected certificate.

Syntax

sslclientcontrol.SSLServerCertPrivateKeyAvailable

Default Value

False

Remarks

Whether a SSLServerCertPrivateKey is available for the selected certificate. If SSLServerCertPrivateKeyAvailable is True, the certificate may be used for authentication purposes (e.g., server authentication).

This property is read-only.

Data Type

Boolean

SSLServerCertPrivateKeyContainer Property (SSLClient Control)

The name of the PrivateKey container for the certificate (if available).

Syntax

sslclientcontrol.SSLServerCertPrivateKeyContainer

Default Value

""

Remarks

The name of the SSLServerCertPrivateKey container for the certificate (if available). This functionality is available only on Windows platforms.

This property is read-only.

Data Type

String

SSLServerCertPublicKey Property (SSLClient Control)

The public key of the certificate.

Syntax

sslclientcontrol.SSLServerCertPublicKey

Default Value

""

Remarks

The public key of the certificate. The key is provided as PEM/Base64-encoded data.

This property is read-only.

Data Type

String

SSLServerCertPublicKeyAlgorithm Property (SSLClient Control)

The textual description of the certificate's public key algorithm.

Syntax

sslclientcontrol.SSLServerCertPublicKeyAlgorithm

Default Value

""

Remarks

The textual description of the certificate's public key algorithm. The property contains either the name of the algorithm (e.g., "RSA" or "RSA_DH") or an object identifier (OID) string representing the algorithm.

This property is read-only.

Data Type

String

SSLServerCertPublicKeyLength Property (SSLClient Control)

The length of the certificate's public key (in bits).

Syntax

sslclientcontrol.SSLServerCertPublicKeyLength

Default Value

0

Remarks

The length of the certificate's public key (in bits). Common values are 512, 1024, and 2048.

This property is read-only.

Data Type

Integer

SSLServerCertSerialNumber Property (SSLClient Control)

The serial number of the certificate encoded as a string.

Syntax

sslclientcontrol.SSLServerCertSerialNumber

Default Value

""

Remarks

The serial number of the certificate encoded as a string. The number is encoded as a series of hexadecimal digits, with each pair representing a byte of the serial number.

This property is read-only.

Data Type

String

SSLServerCertSignatureAlgorithm Property (SSLClient Control)

The text description of the certificate's signature algorithm.

Syntax

sslclientcontrol.SSLServerCertSignatureAlgorithm

Default Value

""

Remarks

The text description of the certificate's signature algorithm. The property contains either the name of the algorithm (e.g., "RSA" or "RSA_MD5RSA") or an object identifier (OID) string representing the algorithm.

This property is read-only.

Data Type

String

SSLServerCertStore Property (SSLClient Control)

The name of the certificate store for the client certificate.

Syntax

sslclientcontrol.SSLServerCertStore

Default Value

"MY"

Remarks

The name of the certificate store for the client certificate.

The SSLServerCertStoreType property denotes the type of the certificate store specified by SSLServerCertStore. If the store is password-protected, specify the password in SSLServerCertStorePassword.

SSLServerCertStore is used in conjunction with the SSLServerCertSubject property to specify client certificates. If SSLServerCertStore has a value, and SSLServerCertSubject or SSLServerCertEncoded is set, a search for a certificate is initiated. Please see the SSLServerCertSubject property for details.

Designations of certificate stores are platform dependent.

The following designations are the most common User and Machine certificate stores in Windows:

When the certificate store type is cstPFXFile, this property must be set to the name of the file. When the type is cstPFXBlob, the property must be set to the binary contents of a PFX file (i.e., PKCS#12 certificate store).

To read or write binary data to the property, a Variant (Byte Array) version is provided in .SSLServerCertStoreB.

This property is read-only.

Data Type

Binary String

SSLServerCertStorePassword Property (SSLClient Control)

If the type of certificate store requires a password, this property is used to specify the password needed to open the certificate store.

Syntax

sslclientcontrol.SSLServerCertStorePassword

Default Value

""

Remarks

If the type of certificate store requires a password, this property is used to specify the password needed to open the certificate store.

This property is read-only.

Data Type

String

SSLServerCertStoreType Property (SSLClient Control)

The type of certificate store for this certificate.

Syntax

sslclientcontrol.SSLServerCertStoreType

Possible Values

cstUser(0), 
cstMachine(1), 
cstPFXFile(2), 
cstPFXBlob(3), 
cstJKSFile(4), 
cstJKSBlob(5), 
cstPEMKeyFile(6), 
cstPEMKeyBlob(7), 
cstPublicKeyFile(8), 
cstPublicKeyBlob(9), 
cstSSHPublicKeyBlob(10), 
cstP7BFile(11), 
cstP7BBlob(12), 
cstSSHPublicKeyFile(13), 
cstPPKFile(14), 
cstPPKBlob(15), 
cstXMLFile(16), 
cstXMLBlob(17), 
cstJWKFile(18), 
cstJWKBlob(19), 
cstSecurityKey(20), 
cstBCFKSFile(21), 
cstBCFKSBlob(22), 
cstPKCS11(23), 
cstAuto(99)

Default Value

0

Remarks

The type of certificate store for this certificate.

The control supports both public and private keys in a variety of formats. When the cstAuto value is used, the control will automatically determine the type. This property can take one of the following values:

This property is read-only.

Data Type

Integer

SSLServerCertSubjectAltNames Property (SSLClient Control)

Comma-separated lists of alternative subject names for the certificate.

Syntax

sslclientcontrol.SSLServerCertSubjectAltNames

Default Value

""

Remarks

Comma-separated lists of alternative subject names for the certificate.

This property is read-only.

Data Type

String

SSLServerCertThumbprintMD5 Property (SSLClient Control)

The MD5 hash of the certificate.

Syntax

sslclientcontrol.SSLServerCertThumbprintMD5

Default Value

""

Remarks

The MD5 hash of the certificate. It is primarily used for X.509 certificates. If the hash does not already exist, it is automatically computed.

This property is read-only.

Data Type

String

SSLServerCertThumbprintSHA1 Property (SSLClient Control)

The SHA-1 hash of the certificate.

Syntax

sslclientcontrol.SSLServerCertThumbprintSHA1

Default Value

""

Remarks

The SHA-1 hash of the certificate. It is primarily used for X.509 certificates. If the hash does not already exist, it is automatically computed.

This property is read-only.

Data Type

String

SSLServerCertThumbprintSHA256 Property (SSLClient Control)

The SHA-256 hash of the certificate.

Syntax

sslclientcontrol.SSLServerCertThumbprintSHA256

Default Value

""

Remarks

The SHA-256 hash of the certificate. It is primarily used for X.509 certificates. If the hash does not already exist, it is automatically computed.

This property is read-only.

Data Type

String

SSLServerCertUsage Property (SSLClient Control)

The text description of UsageFlags .

Syntax

sslclientcontrol.SSLServerCertUsage

Default Value

""

Remarks

The text description of SSLServerCertUsageFlags.

This value will be one or more of the following strings and will be separated by commas:

• Digital Signature
• Non-Repudiation
• Key Encipherment
• Data Encipherment
• Key Agreement
• Certificate Signing
• CRL Signing
• Encipher Only

If the provider is OpenSSL, the value is a comma-separated list of X.509 certificate extension names.

This property is read-only.

Data Type

String

SSLServerCertUsageFlags Property (SSLClient Control)

The flags that show intended use for the certificate.

Syntax

sslclientcontrol.SSLServerCertUsageFlags

Default Value

0

Remarks

The flags that show intended use for the certificate. The value of SSLServerCertUsageFlags is a combination of the following flags:

Please see the SSLServerCertUsage property for a text representation of SSLServerCertUsageFlags.

This functionality currently is not available when the provider is OpenSSL.

This property is read-only.

Data Type

Integer

SSLServerCertVersion Property (SSLClient Control)

The certificate's version number.

Syntax

sslclientcontrol.SSLServerCertVersion

Default Value

""

Remarks

The certificate's version number. The possible values are the strings "V1", "V2", and "V3".

This property is read-only.

Data Type

String

SSLServerCertSubject Property (SSLClient Control)

The subject of the certificate used for client authentication.

Syntax

sslclientcontrol.SSLServerCertSubject

Default Value

""

Remarks

The subject of the certificate used for client authentication.

This property must be set after all other certificate properties are set. When this property is set, a search is performed in the current certificate store to locate a certificate with a matching subject.

If a matching certificate is found, the property is set to the full subject of the matching certificate.

If an exact match is not found, the store is searched for subjects containing the value of the property.

If a match is still not found, the property is set to an empty string, and no certificate is selected.

The special value "*" picks a random certificate in the certificate store.

The certificate subject is a comma-separated list of distinguished name fields and values. For instance, "CN=www.server.com, OU=test, C=US, E=support@nsoftware.com". Common fields and their meanings are as follows:

If a field value contains a comma, it must be quoted.

This property is read-only.

Data Type

String

SSLServerCertEncoded Property (SSLClient Control)

The certificate (PEM/Base64 encoded).

Syntax

sslclientcontrol.SSLServerCertEncoded

Default Value

""

Remarks

The certificate (PEM/Base64 encoded). This property is used to assign a specific certificate. The SSLServerCertStore and SSLServerCertSubject properties also may be used to specify a certificate.

When SSLServerCertEncoded is set, a search is initiated in the current SSLServerCertStore for the private key of the certificate. If the key is found, SSLServerCertSubject is updated to reflect the full subject of the selected certificate; otherwise, SSLServerCertSubject is set to an empty string.

To read or write binary data to the property, a Variant (Byte Array) version is provided in .SSLServerCertEncodedB.

This property is read-only and not available at design time.

Data Type

Binary String

Timeout Property (SSLClient Control)

This property includes the timeout for the control.

Syntax

sslclientcontrol.Timeout[=integer]

Default Value

60

Remarks

If the Timeout property is set to 0, all operations return immediately, potentially failing with a WOULDBLOCK error if data cannot be sent immediately.

If Timeout is set to a positive value, data is sent in a blocking manner and the control will wait for the operation to complete before returning control. The control will handle any potential WOULDBLOCK errors internally and automatically retry the operation for a maximum of Timeout seconds.

The control will use DoEvents to enter an efficient wait loop during any potential waiting period, making sure that all system events are processed immediately as they arrive. This ensures that the host application does not freeze and remains responsive.

If Timeout expires, and the operation is not yet complete, the control fails with an error.

Note: By default, all timeouts are inactivity timeouts, that is, the timeout period is extended by Timeout seconds when any amount of data is successfully sent or received.

The default value for the Timeout property is 60 seconds.

Data Type

Integer

ChangeRecordLength Method (SSLClient Control)

This method changes the length of received data records.

Syntax

sslclientcontrol.ChangeRecordLength RecordLength

Remarks

This method defines the length of data records to be received (in bytes).

If RecordLength is set to a positive value, the control will accumulate data until RecordLength bytes of data are received and only then will it fire the DataIn event with data of length RecordLength. This allows data to be received as records of known length. This method can be called at any time to change the record length, including within the DataIn event.

A value of 0 (default) means this functionality is not used.

Config Method (SSLClient Control)

Sets or retrieves a configuration setting.

Syntax

sslclientcontrol.Config ConfigurationString

Remarks

Config is a generic method available in every control. It is used to set and retrieve configuration settings for the control.

These settings are similar in functionality to properties, but they are rarely used. In order to avoid "polluting" the property namespace of the control, access to these internal properties is provided through the Config method.

To set a configuration setting named PROPERTY, you must call Config("PROPERTY=VALUE"), where VALUE is the value of the setting expressed as a string. For boolean values, use the strings "True", "False", "0", "1", "Yes", or "No" (case does not matter).

To read (query) the value of a configuration setting, you must call Config("PROPERTY"). The value will be returned as a string.

Connect Method (SSLClient Control)

This method connects to a remote host.

Syntax

sslclientcontrol.Connect 

Remarks

This method connects to the remote host specified by RemoteHost and RemotePort. For instance: component.RemoteHost = "MyHostNameOrIP"; component.RemotePort = 7777; component.Connect();

ConnectTo Method (SSLClient Control)

This method connects to a remote host.

Syntax

sslclientcontrol.ConnectTo Host, Port

Remarks

This method connects to the remote host specified by the Host and Port parameters. For instance: component.ConnectTo("MyHostNameOrIP", 777)

Disconnect Method (SSLClient Control)

This method disconnects from the remote host.

Syntax

sslclientcontrol.Disconnect 

Remarks

This method disconnects from the remote host. Calling this method is equivalent to setting the Connected property to False.

DoEvents Method (SSLClient Control)

This method processes events from the internal message queue.

Syntax

sslclientcontrol.DoEvents 

Remarks

When DoEvents is called, the control processes any available events. If no events are available, it waits for a preset period of time, and then returns.

GetLine Method (SSLClient Control)

This method gets a line of text from the server.

Syntax

sslclientcontrol.GetLine 

Remarks

This method gets a line of text from the server. This method is an alternative method of receiving data for line-oriented protocols. The control will block if necessary and then will return the received line. AcceptData will be set automatically to True when the method is called, and then will be set to False after a line is received.

Please refer to the SingleLineMode property for more information.

Interrupt Method (SSLClient Control)

This method interrupts the current action.

Syntax

sslclientcontrol.Interrupt 

Remarks

This method interrupts the current action. If you use SendFile to upload a file, the control will run synchronously until the upload is completed. This method will allow you to stop the file from uploading without disconnecting from the host.

PauseData Method (SSLClient Control)

This method pauses data reception.

Syntax

sslclientcontrol.PauseData 

Remarks

This method pauses data reception when called. While data reception is paused, the DataIn event will not fire. Call ProcessData to reenable data reception.

ProcessData Method (SSLClient Control)

This method reenables data reception after a call to PauseData .

Syntax

sslclientcontrol.ProcessData 

Remarks

This method reenables data reception after a previous call to PauseData. When PauseData is called, the DataIn event will not fire. To reenable data reception and allow DataIn to fire, call this method.

Note: This method is used only after previously calling PauseData. It does not need to be called to process incoming data by default.

Reset Method (SSLClient Control)

This method will reset the control.

Syntax

sslclientcontrol.Reset 

Remarks

This method will reset the control's properties to their default values.

Send Method (SSLClient Control)

This method sends binary data to the remote host.

Syntax

sslclientcontrol.Send Text

Remarks

This method sends the specified binary data to the remote host. To send text, use the SendText method instead.

When Timeout is set to 0, the control will behave asynchronously. If you are sending data to the remote host faster than it can process it, or faster than the network's bandwidth allows, the outgoing queue might fill up. When this happens, the operation fails with error 25036: "[10035] Operation would block" (WSAEWOULDBLOCK). You can trap this error, and then try to send the data again. . The BytesSent property shows how many bytes were sent (if any). If 0 bytes were sent, then you can wait for the ReadyToSend event before attempting to send data again.

Note: The ReadyToSend event is not fired when part of the data is sent successfully.

SendBytes Method (SSLClient Control)

This method sends binary data to the remote host.

Syntax

sslclientcontrol.SendBytes Data

Remarks

This method sends the specified binary data to the remote host. To send text, use the SendText method instead.

When Timeout is set to 0, the control will behave asynchronously. If you are sending data to the remote host faster than it can process it, or faster than the network's bandwidth allows, the outgoing queue might fill up. When this happens, the operation fails with error 25036: "[10035] Operation would block" (WSAEWOULDBLOCK). You can trap this error, and then try to send the data again. . The BytesSent property shows how many bytes were sent (if any). If 0 bytes were sent, then you can wait for the ReadyToSend event before attempting to send data again.

Note: The ReadyToSend event is not fired when part of the data is sent successfully.

SendFile Method (SSLClient Control)

This method sends a file to the remote host.

Syntax

sslclientcontrol.SendFile FileName

Remarks

This method sends the specified file to the remote host.

This method requires Timeout be set to a positive value. This allows the control to ensure that the file is transferred completely without a WOULDBLOCK error. See Timeout for details.

SendLine Method (SSLClient Control)

This method sends a string followed by a newline.

Syntax

sslclientcontrol.SendLine Text

Remarks

This method sends a string followed by a newline. This method is used to send data with line-oriented protocols. The line is followed by CRLF (Chr$(13) & Chr$(10)) .

Please refer to the GetLine method and SingleLineMode property for more information.

SendText Method (SSLClient Control)

This method sends text to the remote host.

Syntax

sslclientcontrol.SendText Text

Remarks

This method sends the specified text to the remote host. To send binary data, use the SendBytes method instead.

When Timeout is set to 0, the control will behave asynchronously. If you are sending data to the remote host faster than it can process it, or faster than the network's bandwidth allows, the outgoing queue might fill up. When this happens, the operation fails with error 25036: "[10035] Operation would block" (WSAEWOULDBLOCK). You can trap this error, and then try to send the data again. . The BytesSent property shows how many bytes were sent (if any). If 0 bytes were sent, then you can wait for the ReadyToSend event before attempting to send data again.

Note: The ReadyToSend event is not fired when part of the data is sent successfully.

StartSSL Method (SSLClient Control)

This method starts Secure Sockets Layer (SSL) negotiation on a plaintext connection.

Syntax

sslclientcontrol.StartSSL 

Remarks

This method is used to start SSL negotiation on a plaintext connection. Please refer to the SSLStartMode property for more information.

Note: The Connected event will fire again after SSL negotiation is complete.

Connected Event (SSLClient Control)

Fired immediately after a connection completes (or fails).

Syntax

Sub sslclientcontrol_Connected(StatusCode As Integer, Description As String)

Remarks

If the connection is made normally, StatusCode is 0 and Description is "OK".

If the connection fails, StatusCode has the error code returned by the Transmission Control Protocol (TCP)/IP stack. Description contains a description of this code. The value of StatusCode is equal to the value of the error. The corresponding Visual Basic error code can be obtained by adding 15001 to this value.

Please refer to the Error Codes section for more information.

ConnectionStatus Event (SSLClient Control)

Fired to indicate changes in the connection state.

Syntax

Sub sslclientcontrol_ConnectionStatus(ConnectionEvent As String, StatusCode As Integer, Description As String)

Remarks

This event is fired when the connection state changes: for example, completion of a firewall or proxy connection or completion of a security handshake.

The ConnectionEvent parameter indicates the type of connection event. Values may include the following:

DataIn Event (SSLClient Control)

This event is fired when data (complete lines) come in.

Syntax

Sub sslclientcontrol_DataIn(Text As String, EOL As Boolean)

Remarks

Trapping the DataIn event is your only chance to get the data coming from the other end of the connection. The incoming data are provided through the Text parameter.

EOL indicates whether or not the EOL string was found at the end of Text. If the EOL string was found, then EOL is True.

If Text is part of a data portion of length larger than MaxLineLength with no EOL strings in it, then EOL is False. Note: This means that one or more DataIn events with EOL set to False can be received during a connection.

If the EOL property is "" (empty string), then EOL can be disregarded (it is always True).

Note: Events are not re-entrant. Performing time-consuming operations within this event will prevent it from firing again in a timely manner and may affect overall performance.

Disconnected Event (SSLClient Control)

Fired when a connection is closed.

Syntax

Sub sslclientcontrol_Disconnected(StatusCode As Integer, Description As String)

Remarks

If the connection is broken normally, StatusCode is 0 and Description is "OK".

If the connection is broken for any other reason, StatusCode has the error code returned by the Transmission Control Protocol (TCP/IP) subsystem. Description contains a description of this code. The value of StatusCode is equal to the value of the TCP/IP error. The corresponding Visual Basic error code can be obtained by adding 15001 to this value.

Please refer to the Error Codes section for more information.

Error Event (SSLClient Control)

Fired when information is available about errors during data delivery.

Syntax

Sub sslclientcontrol_Error(ErrorCode As Integer, Description As String)

Remarks

The Error event is fired in case of exceptional conditions during message processing. Normally the control fails with an error.

The ErrorCode parameter contains an error code, and the Description parameter contains a textual description of the error. For a list of valid error codes and their descriptions, please refer to the Error Codes section.

ReadyToSend Event (SSLClient Control)

This event is fired when the control is ready to send data.

Syntax

Sub sslclientcontrol_ReadyToSend()

Remarks

The ReadyToSend event indicates that the underlying Transmission Control Protocol (TCP)/IP subsystem is ready to accept data after a failed SendBytes. This event also is fired immediately after a connection to the remote host is established.

SSLServerAuthentication Event (SSLClient Control)

Fired after the server presents its certificate to the client.

Syntax

Sub sslclientcontrol_SSLServerAuthentication(CertEncoded As String, CertSubject As String, CertIssuer As String, Status As String, Accept As Boolean)

Remarks

During this event, the client can decide whether or not to continue with the connection process. The Accept parameter is a recommendation on whether to continue or close the connection. This is just a suggestion: application software must use its own logic to determine whether or not to continue.

When Accept is False, Status shows why the verification failed (otherwise, Status contains the string OK). If it is decided to continue, you can override and accept the certificate by setting the Accept parameter to True.

SSLStatus Event (SSLClient Control)

Fired when secure connection progress messages are available.

Syntax

Sub sslclientcontrol_SSLStatus(Message As String)

Remarks

The event is fired for informational and logging purposes only. This event tracks the progress of the connection.

Config Settings (SSLClient Control)

TCPClient Config Settings

SSL Config Settings

-----BEGIN CERTIFICATE-----
MIIEKzCCAxOgAwIBAgIRANTET4LIkxdH6P+CFIiHvTowDQYJKoZIhvcNAQELBQAw
... Intermediate Cert ...
eWHV5OW1K53o/atv59sOiW5K3crjFhsBOd5Q+cJJnU+SWinPKtANXMht+EDvYY2w
F0I1XhM+pKj7FjDr+XNj
-----END CERTIFICATE-----
\r \n
-----BEGIN CERTIFICATE-----
MIIEFjCCAv6gAwIBAgIQetu1SMxpnENAnnOz1P+PtTANBgkqhkiG9w0BAQUFADBp
... Root Cert ...
d8q23djXZbVYiIfE9ebr4g3152BlVCHZ2GyPdjhIuLeH21VbT/dyEHHA
-----END CERTIFICATE-----

-----BEGIN CERTIFICATE-----
MIIEKzCCAxOgAwIBAgIRANTET4LIkxdH6P+CFIiHvTowDQYJKoZIhvcNAQELBQAw
... Intermediate Cert ...
eWHV5OW1K53o/atv59sOiW5K3crjFhsBOd5Q+cJJnU+SWinPKtANXMht+EDvYY2w
F0I1XhM+pKj7FjDr+XNj
-----END CERTIFICATE-----
\r \n
-----BEGIN CERTIFICATE-----
MIIEFjCCAv6gAwIBAgIQetu1SMxpnENAnnOz1P+PtTANBgkqhkiG9w0BAQUFADBp
... Root Cert ...
d8q23djXZbVYiIfE9ebr4g3152BlVCHZ2GyPdjhIuLeH21VbT/dyEHHA
-----END CERTIFICATE-----

-----BEGIN CERTIFICATE-----
MIIEKzCCAxOgAwIBAgIRANTET4LIkxdH6P+CFIiHvTowDQYJKoZIhvcNAQELBQAw
... Intermediate Cert...
eWHV5OW1K53o/atv59sOiW5K3crjFhsBOd5Q+cJJnU+SWinPKtANXMht+EDvYY2w
F0I1XhM+pKj7FjDr+XNj
-----END CERTIFICATE-----
\r \n
-----BEGIN CERTIFICATE-----
MIIEFjCCAv6gAwIBAgIQetu1SMxpnENAnnOz1P+PtTANBgkqhkiG9w0BAQUFADBp
... Root Cert...
d8q23djXZbVYiIfE9ebr4g3152BlVCHZ2GyPdjhIuLeH21VbT/dyEHHA
-----END CERTIFICATE-----

Socket Config Settings

Base Config Settings

Trappable Errors (SSLClient Control)

SSLClient Errors

SSL Errors

TCP/IP Errors