TsgcWebSocketServer › Events › OnSSLVerifyPeer
Fires when VerifyCertificate is enabled and the client presents a certificate to be accepted or rejected.
property OnSSLVerifyPeer: TsgcOnSSLVerifyPeer;
// TsgcOnSSLVerifyPeer = procedure(Sender: TObject; Certificate: TIdX509; AOk: Boolean; ADepth, AError: Integer; var Accept: Boolean) of object
—
When SSLOptions.VerifyCertificate is True and the client supplies a certificate during the TLS handshake, OnSSLVerifyPeer is raised once per certificate in the chain. The Certificate parameter exposes the X.509 data, AOk contains the verification result from the TLS layer, ADepth is the position in the chain (0 for the leaf), and AError is the error code when verification fails. Set Accept to True to trust the certificate or False to abort the connection. The event is not fired when the client does not present a certificate; to enforce a client certificate set SSLOptions.VerifyCertificate_Options.FailIfNoCertificate to True.
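// The event type is "of object", so declare this handler as a method of the class that owns the server.
procedure OnSSLVerifyPeerEvent(Sender: TObject; Certificate: TIdX509;
  AOk: Boolean; ADepth, AError: Integer; var Accept: Boolean);
var
  Certificate_OK: Boolean;
begin
  // Start from the TLS layer's own verification result
  Certificate_OK := AOk;
  // ... validate the certificate
  if Certificate_OK then
    Accept := True   // trust the certificate
  else
    Accept := False; // abort the connection
end;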
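The handler below is an added example, not code from the sgcWebSockets documentation: it keeps the TLS layer's verdict for every certificate in the chain and additionally requires the leaf (ADepth = 0) to carry one exact subject. TForm1, sgcWebSocketServer1, ConfigureClientCertCheck, ServerSSLVerifyPeer and the subject string are assumptions made for the illustration.

```delphi
// Assumes "uses IdSSLOpenSSL" (or the unit that declares TIdX509 in your
// installation) and a form TForm1 that owns sgcWebSocketServer1 (hypothetical names).

const
  // Constructed sample value: the full one-line subject the client leaf must have.
  ALLOWED_LEAF_SUBJECT = '/O=Example Corp/CN=device-001';

procedure TForm1.ConfigureClientCertCheck;
begin
  // Ask clients for a certificate and raise OnSSLVerifyPeer for each one in the chain.
  sgcWebSocketServer1.SSLOptions.VerifyCertificate := True;
  // Without this, a client that sends no certificate never reaches the handler.
  sgcWebSocketServer1.SSLOptions.VerifyCertificate_Options.FailIfNoCertificate := True;
  sgcWebSocketServer1.OnSSLVerifyPeer := ServerSSLVerifyPeer;
end;

procedure TForm1.ServerSSLVerifyPeer(Sender: TObject; Certificate: TIdX509;
  AOk: Boolean; ADepth, AError: Integer; var Accept: Boolean);
begin
  // Default deny: every path that does not explicitly accept aborts the handshake.
  Accept := False;

  // Never turn a failed chain verification into a success.
  // AError holds the TLS layer's error code and is worth logging here.
  if not AOk then
    Exit;

  // CA and intermediate certificates: the TLS layer's verdict is sufficient.
  if ADepth > 0 then
  begin
    Accept := True;
    Exit;
  end;

  // Leaf certificate: compare the whole subject, not a substring, so that
  // a value embedded in another field (for example OU=CN=device-001)
  // cannot satisfy the check.
  Accept := SameText(Certificate.Subject.OneLine, ALLOWED_LEAF_SUBJECT);
end;
```

A handler that sets Accept := True unconditionally disables certificate verification even though VerifyCertificate is enabled, which is why this one starts from False.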