TsgcWebSocketClient.OnSSLVerifyPeer
Click here to see this page in full context

TsgcWebSocketClientEvents › OnSSLVerifyPeer

OnSSLVerifyPeer Event

Fires when VerifyCertificate is enabled so the application can accept or reject the server certificate.

Syntax

property OnSSLVerifyPeer: TsgcOnSSLVerifyPeer;
// TsgcOnSSLVerifyPeer = procedure(Sender: TObject; Certificate: TIdX509; AOk: Boolean; ADepth, AError: Integer; var Accept: Boolean) of object

Default Value

Remarks

When TLSOptions.VerifyCertificate is True and OpenSSL is the selected IOHandler, OnSSLVerifyPeer is raised once per certificate in the chain presented by the server. The Certificate parameter exposes the X.509 data, AOk contains OpenSSL's own verification result, ADepth is the position in the chain (0 for the leaf), and AError is the OpenSSL error code when verification fails. Set Accept to True to trust the certificate or False to abort the connection. When SChannel is used instead of OpenSSL, use OnSChannelVerifyPeer.

Example


function OnSSLVerifyPeer(Sender: TObject; Certificate: TIdX509;
  AOk: Boolean; ADepth, AError: Integer; var Accept: Boolean);
begin
  // ... validate the certificate
  if AOk then
    Accept := True
  else
    Accept := False;
end;

Back to Events