SSL Client Authentication

SSL/TLS is ever more prevalent on the web. This protocol provides encryption and validation of data sent, as well as the ability to verify the identity of one or both parties in a connection. Most typically, and especially with HTTPS, only the server's identity is verified. In some situations (e.g. 3DS) the client's identity is also verified.

Any of our components that support SSL typically support SSL client authentication as well. A component will automatically handle authenticating itself to the server as long as there is a valid certificate in the SSLCert property. Below are two examples showing how to set up a component for this.

In C#: http.SSLCert = new Certifcate(CertStoreTypes.cstPublicKeyFile, @"C:\path\to\your\certificate-with-private-key.pfx", "password", "CN=Steves Certificate"); // An asterisk (*) may be passed in lieu of the subject to select any certificate from the store.

And in C++: http.SetSSLCertStoreType(CST_PFXFILE); http.SetSSLCertStore("C:\\path\\to\\your\\certificate-with-private-key.pfx"); http.SetSSLCertStorePassword("password"); http.SetSSLCertSubject("CN=Steves Certificate");

For further information on the SSLCert* properties, the Certificate type, and possible values please refer to the documentation for a given product.

We appreciate your feedback.  If you have any questions, comments, or suggestions about this article please contact our support team at kb@nsoftware.com.