Dimitris Botsis wrote: > "remotely" I mean that client must contact server in order to find > certificate and then verify it to see if it contains signature that > client expects in order to establish trusted connection. Thank you > for replying
I still do not understand. A client must always connect to a server in order to receive its certificate (chain). Verification of the received certificate can be done locally or remotely by sending it to an OCSP server. Do you by any chance mean OCSP? http://en.wikipedia.org/wiki/Online_Certificate_Status_Protocol OCSP is not implemented in ICS, however if you use the Microsoft Crypto API for certificate verification as shown in demo OverbyteIcsMsVerify then Windows (Vista+) may use OCSP as well. -- Arno Garrels > > 26 Αυγ 2011, 11:00 π.μ., ο/η "Arno Garrels" <arno.garr...@gmx.de> > έγραψε: > >> Dimitris Botsis wrote: >>> How can a client that connects with https verify the server's SSL >>> certificate remotely ? >> >> What do you mean by "remotely"? >> >> Take a look at two samples in the SslInternet folder: >> OverbyteIcsHttpsTst and OverbyteIcsMsVerify. >> >> -- >> Arno Garrels >> -- >> To unsubscribe or change your settings for TWSocket mailing list >> please goto http://lists.elists.org/cgi-bin/mailman/listinfo/twsocket >> Visit our website at http://www.overbyte.be -- To unsubscribe or change your settings for TWSocket mailing list please goto http://lists.elists.org/cgi-bin/mailman/listinfo/twsocket Visit our website at http://www.overbyte.be