Enumeration

SSLClientCertificateState

An enumeration of the states of client certificate exchange.

Declaration

typedef enum SSLClientCertificateState : int {
    ...
} SSLClientCertificateState;

Topics

Constants

kSSLClientCertNone

Indicates that the server hasn’t asked for a certificate and that the client hasn’t sent one.

kSSLClientCertRequested

Indicates that the server has asked for a certificate, but the client has not sent it.

kSSLClientCertSent

Indicates that the server asked for a certificate, the client sent one, and the server validated it. The application can inspect the certificate using the function SSLGetPeerCertificates.

kSSLClientCertRejected

Indicates that the client sent a certificate but the certificate failed validation. This value is seen only on the server side. The server application can inspect the certificate using the function SSLGetPeerCertificates.

See Also

Authentication

SSLAddDistinguishedName

Adds a DER-encoded distinguished name to a list of acceptable names to be specified in requests for client certificates.

SSLCopyDistinguishedNames

Retrieves the distinguished names of acceptable certification authorities.

SSLSetCertificate

Specifies this connection’s certificate or certificates.

SSLGetClientCertificateState

Retrieves the exchange status of the client certificate.

SSLCopyPeerTrust

Retrieves a trust management object for the certificate used by a session.

SSLSetOCSPResponse

Sets the OCSP response for the given SSL session.

SSLSetSessionTicketsEnabled

Enables or disables session ticket resumption.