soConfigTLS (Function) |
Top Previous Next |
The soConfigTLS function enables or disables the use of a secure TLS connection for a socket. The secure TLS (TLS v1.2, v1.1 or 1.0) connection can be established assuming that a matching X509 certificate(s) is present.
If a connection is present when the function is called, the secure connection will be established immediately. Otherwise the secure connection will be established together with the socket connection. (in the soConnect or soAccept functions)
Using TLS as a client:1. Ensure the root certificate needed to verify the server is present. 2. Set enable := TRUE' when calling soConfigTLS.
If client verification is required by server then: 1. Ensure the client certificate needed to verify the device is present. 2. Set 'certificate' and 'password' according to the installed client certificate when calling soConfigTLS.
Using TLS as a server:1. Ensure the server certificate used to create the secure connection, and identify the device, is present. 2. Set enable := TRUE' when calling soConfigTLS. 3. Set 'certificate' and 'password' according to the installed server certificate when calling soConfigTLS.
To enable verification of the connecting client(s): 1. Ensure the root certificate needed to verify the connecting client is present. 2. Set 'peer_cert := TRUE' when calling soConfigTLS.
Input: socket : SYSHANDLE Handle to the socket.
enable : BOOL
peer_cert : BOOL
Only used if listening for incoming connections.
certificate : STRING The certificate to use for the secure connections. Only include if listening for incoming connections, or if the server require clients to include a certificate.
password : STRING The password for the certificate if required.
Returns: INT
Declaration: FUNCTION soConfigTLS : INT;
Example:
|