property OnClientCertificateValidation: TScRemoteCertificateValidationEvent;
type
TScRemoteCertificateValidationEvent = procedure (Sender: TObject; RemoteCertificate: TScCertificate; CertificateList: TList; var Errors: TScCertificateStatusSet) of object;
Description
Occurs when the client certificate is received from the TLS/SSL client.
During the authentication process, the TLS/SSL client should send a set of certificates signed by a CA certificate. If the received certificate is not signed by the CA certificate, the Errors parameter of the OnClientCertificateValidation event handler will contain information about the errors. If the client certificate is signed by the CA certificate, the Errors set will be empty. A handler of this event can perform additional verifications to authenticate the client. If you trust the client, clear the Errors set, and the connection will be established.
You can also use the IsClientCertificateRequired property to specify whether a client certificate is required to create a TLS connection.
Parameters:
• Sender - the object that raised the event;
• RemoteCertificate - the certificate received from the client;
• CertificateList - the list of client certificates received from the client;
• Errors - TScSSLServerConnection determines the value of the Errors parameter and passes it into this event. You can change the Errors value within this event handler. If Errors is empty, the client is considered valid, and the client authentication is considered successful. Otherwise, the client is considered invalid, and the connection is closed.
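The following handler is an added example, not code from the SecureBridge documentation. It shows the "additional verifications" case: it never clears Errors, so a failed chain check still closes the connection, and it rejects a validly signed certificate whose subject is not on an allow-list. The class TClientCertPolicy and its members are hypothetical; the unit name ScBridge, the Subject property and the csOtherError status value are assumptions about the library that the page does not confirm.

```pascal
unit ClientCertPolicy;

interface

uses
  Classes, SysUtils,
  ScBridge; // assumed: SecureBridge unit declaring TScCertificate and TScCertificateStatusSet

type
  // Hypothetical helper: authorizes clients whose chain has already validated.
  TClientCertPolicy = class
  private
    FAllowedSubjects: TStringList; // exact subject strings supplied by the operator
  public
    constructor Create;
    destructor Destroy; override;
    // Signature matches TScRemoteCertificateValidationEvent.
    procedure Validate(Sender: TObject; RemoteCertificate: TScCertificate;
      CertificateList: TList; var Errors: TScCertificateStatusSet);
    property AllowedSubjects: TStringList read FAllowedSubjects;
  end;

implementation

constructor TClientCertPolicy.Create;
begin
  inherited Create;
  FAllowedSubjects := TStringList.Create;
  FAllowedSubjects.CaseSensitive := True; // exact match only
end;

destructor TClientCertPolicy.Destroy;
begin
  FAllowedSubjects.Free;
  inherited;
end;

procedure TClientCertPolicy.Validate(Sender: TObject; RemoteCertificate: TScCertificate;
  CertificateList: TList; var Errors: TScCertificateStatusSet);
begin
  // No certificate object: make sure Errors is non-empty so the connection is closed.
  if RemoteCertificate = nil then
    Include(Errors, csOtherError) // csOtherError: assumed TScCertificateStatus member
  // Chain validation already failed: keep the reported errors, never clear them here.
  else if Errors <> [] then
    Exit
  // Chain is valid: additionally require an allow-listed subject.
  else if FAllowedSubjects.IndexOf(RemoteCertificate.Subject) < 0 then // Subject: assumed property
    Include(Errors, csOtherError);
end;

end.
```

Assign Validate to OnClientCertificateValidation on the TScSSLServerConnection instance and set IsClientCertificateRequired to True so that a client cannot skip certificate authentication. Entries in AllowedSubjects must use the same string format that the library returns for the subject.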