Authenticating certificates

What are the steps involved in authenticating a certificate?

Date Entered: 11/1/2001    Last Updated: 06/4/2004

There are two different ways to accept a certificate; through use of the SecurityFlags configuration setting or through the SSLServerAuthentication event. The SecurityFlags setting contains one hexidecimal value for all of the flags that can be set. You can find the most frequently used flags in the help files, the value you set for the property will be the sum of the values for each flag you want to set.

Once the flags have been set, the SSLServerAuthentication event (or in the case of a client certificate, the SSLClientAuthentication event) is the next check placed on the certificate. If the security flags criteria are not matched, the event will still allow you to accept the certificate.

Reading the Accept parameter of this event will tell you if the certificate is valid according to the security flags. The Accept parameter can also be assigned to true to manually accept the certificate under any conditions, if any, on which you will accept the certificate. For instance:

'If this certificate is issued by John Boy, I'll accept it
if CertIssuer = "John Boy" then
	Accept = True
end if

Or

'I will accept the certificate unconditionally
Accept = True

This allows you very flexible control over which circumstances to accept a certificate. Simply adding 'Accept = True' to this event will ensure the certificate is accepted.


We appreciate your feedback.  If you have any questions, comments, or suggestions about this entry please contact our support team at kb@nsoftware.com.