TElSSLClient.OnCertificateNeededEx event

TElSSLClient.OnCertificateNeededEx

This event is fired when the protocol requires a client certificate. This event obsoletes the OnCertificateNeeded event. Please avoid using the OnCertificateNeeded event in your applications, as OnCertificateNeededEx event gives much more flexibility.

Declaration

[C#]
event TSBCertificateNeededExEvent OnCertificateNeededEx;
delegate void TSBCertificateNeededExEvent(Object Sender, ref TElX509Certificate Certificate);

[VB.NET]
Event OnCertificateNeededEx As TSBCertificateNeededExEvent
Delegate Sub TSBCertificateNeededExEvent(ByVal Sender As Object, ByRef Certificate As TElX509Certificate)

[Pascal]
property OnCertificateNeededEx : TSBCertificateNeededExEvent;
TSBCertificateNeededExEvent = procedure (Sender: TObject; var Certificate: TElX509Certificate) of object;

[C++]
    void get_OnCertificateNeededEx(TSBCertificateNeededExEvent &pMethodOutResult, void * &pDataOutResult);
    void set_OnCertificateNeededEx(TSBCertificateNeededExEvent pMethodValue, void * pDataValue);
    typedef void (SB_CALLBACK *TSBCertificateNeededExEvent)(void * _ObjectData, TObjectHandle Sender, TElX509CertificateHandle &Certificate);

[PHP]
    TSBCertificateNeededExEvent|callable|NULL get_OnCertificateNeededEx()
    void set_OnCertificateNeededEx(TSBCertificateNeededExEvent|callable|NULL $Value)
    callable TSBCertificateNeededExEvent(TObject $Sender, TElX509Certificate &$Certificate)

[Java]
    TSBCertificateNeededExEvent getOnCertificateNeededEx();
    void setOnCertificateNeededEx(TSBCertificateNeededExEvent Value);
    TSBCertificateNeededExEvent.Callback OnCertificateNeededEx = new TSBCertificateNeededExEvent.Callback() {
        public TElX509Certificate TSBCertificateNeededExEventCallback(TObject Sender) {
            //...
        }
    }

Parameters

Certificate - points to instance of TElX509Certificate class (see noted below)

Description

This event is fired by TElSSLClient when the negotiated protocol requires a client-side X509 certificate to be used during the session. TElSSLClient fires OnCertificateNeededEx event consequently, until the nil/NULL value is passed as Certificate parameter. This gives the ability to pass a certificate chain to the server, not only a single certificate. This event should be handled in the following way:

Pass the whole certificate chain, beginning at end-entity certificate with a corresponding private key.
When the chain is over, pass nil/NULL as Certificate parameter.

OnCertificateNeededEx can accept the certificate which belongs to the certain chain. In this case the whole chain is sent and OnCertificateNeededEx is not fired further.

An alternative to this event is to use ClientCertStorage property.

Discuss this help topic in SecureBlackbox Forum